WPScan: Email Leak Oracle Vulnerability Addressed in WordPress 6.3.2

During a thorough analysis of WordPress’ internals, we discovered a subtle bug that allowed unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website.

Successful exploitation could let attackers gather email addresses, putting user privacy at risk.

Upon identifying the vulnerability, we promptly alerted the WordPress team, who released version 6.3.2 to fix the issue. It is crucial for administrators to ensure their WordPress installations are fully updated to safeguard against this vulnerability.

More at the WPScan blog...

#infosec #wordpress #wpscan
