CVE-2023-6155
- Reference to the description:
- Description:
- The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the `ays_quiz_author_user_search` AJAX action, allowing an unauthenticated attacker to perform a search for users of the system, ultimately leaking user email addresses.
- Last updated date:
- 09/12/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/02/2024
- Reference url to background
https://wpscan.com/vulnerability/c62be802-e91a-4bcf-990d-8fd8ef7c9a28