CVE-2023-5003
published 2023-10-16CVE-2023-5003: The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to…
PriorityP264high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
25.86%
97.7th percentile
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| miniorange | active_directory_integration_ldap_integration | < 4.1.10 | 4.1.10 |
Detection & IOCsextracted from sources · hover to see the quote
- →HTTP GET request to the exposed log file path returns HTTP 200 with CSV headers indicating LDAP authentication log disclosure ↗
- →Response body contains all four CSV column headers: ID, USERNAME, TIME, and LDAP STATUS — use as confirmation of successful log file access ↗
- →Match HTTP status 200 combined with the CSV header words to confirm unauthenticated access to the LDAP log buffer file ↗
- ·The log file is only present if an administrator has previously triggered a log export; the file is never cleaned up, so it persists indefinitely once created ↗
- ·Vulnerability affects only Active Directory Integration / LDAP Integration WordPress plugin versions before 4.1.10; fixed in 4.1.10 ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure
nuclei·CVSS 7.5
CVE-2023-5003 [HIGH] Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure
Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so.
Template:
id: CVE-2023-5003
info:
name: Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure
author: s4e-io
severity: high
description: |
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so.
impact: |
U
No writeups or analysis indexed.
2023-10-16
Published