Vulnerability in Active Directory Integration / Ldap

CVE-2023-5003

The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains acce…

EPSS: 0.778 (99.0th percentile)

Affected products

  • Unknown Active Directory Integration / Ldap — versions 0

Frequently asked questions

What is CVE-2023-5003?
CVE-2023-5003 is a vulnerability in Active Directory Integration / Ldap, classified under CWE-538 (Insertion of Sensitive Information into Externally-Accessible File or Directory). Published 2023-10-16.
Is CVE-2023-5003 known to be exploited?
1 public proof-of-concept repository is indexed. It is not currently listed in the CISA KEV catalog.