CyberRota
← Ana sayfaya dön

CVE-2026-8383

MEDIUM · CVSS 5.3 EPSS %0.42

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-17T13:21:22.303 · Çekilme zamanı: 2026-06-30T12:25:16.551985+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-8383
Severity
MEDIUM
CVSS
5.3
EPSS
%0.42
WordPress

Orijinal NVD Açıklaması

The LearnPress WordPress plugin before 4.3.7 does not gate the `edit` context on one of its REST endpoint behind the `edit_users` capability, allowing unauthenticated visitors to retrieve each returned user's roles, full capabilities map, extra capabilities, locale, and registration date via a crafted request