U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2023-5561

Change History

Initial Analysis by NIST 10/20/2023 2:53:56 PM

Action Type Old Value New Value
Added CPE Configuration

     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 4.7 up to (excluding) 4.7.27
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 4.8 up to (excluding) 4.8.23
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 4.9 up to (excluding) 4.9.24
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 5.0 up to (excluding) 5.0.20
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 5.1 up to (excluding) 5.1.17
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 5.2 up to (excluding) 5.2.19
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 5.3 up to (excluding) 5.3.16
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 5.4 up to (excluding) 5.4.14
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 5.5 up to (excluding) 5.5.13
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 5.6 up to (excluding) 5.6.12
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 5.7 up to (excluding) 5.7.10
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 5.8 up to (excluding) 5.8.8
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 5.9 up to (excluding) 5.9.8
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 6.0 up to (excluding) 6.0.6
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 6.1 up to (excluding) 6.1.4
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.2.3
     *cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* versions from (including) 6.3 up to (excluding) 6.3.2
Added CVSS V3.1

Added CWE

Changed Reference Type
https://wpscan.com/blog/email-leak-oracle-vulnerability-addressed-in-wordpress-6-3-2/ No Types Assigned
https://wpscan.com/blog/email-leak-oracle-vulnerability-addressed-in-wordpress-6-3-2/ Exploit, Third Party Advisory
Changed Reference Type
https://wpscan.com/vulnerability/19380917-4c27-4095-abf1-eba6f913b441 No Types Assigned
https://wpscan.com/vulnerability/19380917-4c27-4095-abf1-eba6f913b441 Third Party Advisory