mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 10:17:57 +00:00
788 B
788 B
CVE-2023-6155
Description
The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the ays_quiz_author_user_search AJAX action, allowing an unauthenticated attacker to perform a search for users of the system, ultimately leaking user email addresses.
POC
Reference
Github
No PoCs found on GitHub currently.