[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGkTr1QTzybsrf5c_ilixJLMM_xgALdJ9_WtVaSwqUY4":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2023-4506","active-directory-integration-ldap-integration-sensitive-information-exposure","Active Directory Integration \u002F LDAP Integration \u003C= 4.1.9 - Sensitive Information Exposure","The Active Directory Integration \u002F LDAP Integration plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.1.9 via a publicly accessible LDAP log buffer created when an administrator exports the logs. This makes it possible for unauthenticated attackers to visit the log URL and obtain the LDAP logs, especially in cases where directory indexing is enabled.","ldap-login-for-intranet-sites",null,"\u003C=4.1.9","4.1.10","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2023-09-25 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1c667631-7934-467e-baa2-7c3b0160c3a5?source=api-prod",120]