Medium severity5.3NVD Advisory· Published Dec 26, 2023· Updated Jun 17, 2026
CVE-2023-6155
CVE-2023-6155
Description
The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the ays_quiz_author_user_search AJAX action, allowing an unauthenticated attacker to perform a search for users of the system, ultimately leaking user email addresses.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Quiz Maker WordPress plugindescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/c62be802-e91a-4bcf-990d-8fd8ef7c9a28nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.