Unrated severityNVD Advisory· Published Dec 5, 2022· Updated Apr 24, 2025
CVE-2022-43504
CVE-2022-43504
Description
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<6.0.3+ 1 more
- (no CPE)range: <6.0.3
- (no CPE)range: versions prior to 6.0.3
- osv-coords2 versions
< 3.7.40+ 1 more
- (no CPE)range: < 3.7.40
- (no CPE)range: < 3.7.40
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.