CVE-2022-43504
05.12.2022, 04:15
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.Enginsight
| Vendor | Product | Version |
|---|---|---|
| wordpress | wordpress | 𝑥 < 3.7.40 |
| wordpress | wordpress | 3.8 ≤ 𝑥 < 3.8.40 |
| wordpress | wordpress | 3.9 ≤ 𝑥 < 3.9.39 |
| wordpress | wordpress | 4.0 ≤ 𝑥 < 4.0.37 |
| wordpress | wordpress | 4.1 ≤ 𝑥 < 4.1.37 |
| wordpress | wordpress | 4.2 ≤ 𝑥 < 4.2.34 |
| wordpress | wordpress | 4.3 ≤ 𝑥 < 4.3.30 |
| wordpress | wordpress | 4.4 ≤ 𝑥 < 4.4.29 |
| wordpress | wordpress | 4.5 ≤ 𝑥 < 4.5.28 |
| wordpress | wordpress | 4.6 ≤ 𝑥 < 4.6.25 |
| wordpress | wordpress | 4.7 ≤ 𝑥 < 4.7.25 |
| wordpress | wordpress | 4.8 ≤ 𝑥 < 4.8.21 |
| wordpress | wordpress | 4.9 ≤ 𝑥 < 4.9.22 |
| wordpress | wordpress | 5.0 ≤ 𝑥 < 5.0.18 |
| wordpress | wordpress | 5.1 ≤ 𝑥 < 5.1.15 |
| wordpress | wordpress | 5.2 ≤ 𝑥 < 5.2.17 |
| wordpress | wordpress | 5.3 ≤ 𝑥 < 5.3.14 |
| wordpress | wordpress | 5.4 ≤ 𝑥 < 5.4.12 |
| wordpress | wordpress | 5.5 ≤ 𝑥 < 5.5.11 |
| wordpress | wordpress | 5.6 ≤ 𝑥 < 5.6.10 |
| wordpress | wordpress | 5.7 ≤ 𝑥 < 5.7.8 |
| wordpress | wordpress | 5.8 ≤ 𝑥 < 5.8.6 |
| wordpress | wordpress | 5.9 ≤ 𝑥 < 5.9.5 |
| wordpress | wordpress | 6.0 ≤ 𝑥 < 6.0.3 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration