CVE-2023-6250: BestWebSoft's Like & Share < 2.74 - Unauthenticated Password Protected Post Read
First published: Tue Dec 26 2023(Updated: )
The BestWebSoft's Like & Share WordPress plugin before 2.74 discloses the content of password protected posts to unauthenticated users via a meta tag
Credit: contact@wpscan.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Bestwebsoft Like & Share | <2.74 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-6250?
CVE-2023-6250 has been classified as a vulnerability that allows unauthorized disclosure of information, which may pose moderate risk to affected systems.
How do I fix CVE-2023-6250?
To remediate CVE-2023-6250, update the BestWebSoft Like & Share plugin to version 2.74 or later.
Who is affected by CVE-2023-6250?
CVE-2023-6250 affects installations of the BestWebSoft Like & Share WordPress plugin prior to version 2.74.
What types of data are exposed in CVE-2023-6250?
CVE-2023-6250 allows the disclosure of the content of password protected posts to unauthenticated users.
Is there a workaround for CVE-2023-6250?
There is no official workaround for CVE-2023-6250; the only solution is to update the plugin.
- agent/weakness
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/severity
- agent/title
- agent/author
- agent/references
- agent/description
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/bestwebsoft
- canonical/bestwebsoft like & share