漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
KiviCare Management System < 3.2.1 - Subscriber+ Sensitive Information Disclosure
Vulnerability Description
The KiviCare WordPress plugin before 3.2.1 does not restrict the information returned in a response and returns all user data, allowing low privilege users such as subscriber to retrieve sensitive information such as the user email and hashed password of other users
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress plugin KiviCare Management System 信息泄露漏洞
Vulnerability Description
WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin KiviCare Management System 3.2.1之前版本存在信息泄露漏洞,该漏洞源于不限制响应中返回的信息并返回所有用户数据,允许低权限用户检索敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A