CVE-2023-5561
Published: 16 October 2023
Summary
CVE-2023-5561 is a medium-severity an unspecified weakness vulnerability in Wordpress Wordpress. Its CVSS base score is 5.3 (Medium).
Operationally, ranked in the top 2.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
WordPress contains an information disclosure vulnerability because it does not properly restrict which user fields are searchable through the REST API. The flaw affects sites running versions prior to the 6.3.2 release and enables queries against user data associated with public posts.
Unauthenticated attackers can issue crafted REST API requests that function as an oracle, allowing them to enumerate and confirm the email addresses of any users who have published public posts. The attack requires no authentication or user interaction and results only in limited confidentiality impact, reflected in the CVSS 5.3 score.
Advisories from Debian and WPScan indicate that the issue was resolved in WordPress 6.3.2; site administrators are advised to apply the update promptly. Corresponding Debian LTS packages were also released to address the vulnerability in supported distributions.
The CVE carries an EPSS score that reached a peak of 0.6487 before settling at the current value of 0.5302.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-57861
Vulnerability details
WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.