CVE-2023-39999

Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.

Published: Oct 13, 2023
Updated: Jun 29, 2025
CVE: CVE-2023-39999
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
WordPress / wordpress	6.2	6.2.2.x
WordPress / wordpress	6.1	6.1.3.x
WordPress / wordpress	6.0	6.0.5.x
WordPress / wordpress	5.9	5.9.7.x
WordPress / wordpress	6.3	6.3.2
WordPress / wordpress	5.8	5.8.7.x
WordPress / wordpress	5.7	5.7.9.x
WordPress / wordpress	5.6	5.6.11.x
WordPress / wordpress	5.5	5.5.12.x
WordPress / wordpress	5.4	5.4.13.x
WordPress / wordpress	5.3	5.3.15.x
WordPress / wordpress	5.2	5.2.18.x
WordPress / wordpress	5.1	5.1.16.x
WordPress / wordpress	5.0	5.0.19.x
WordPress / wordpress	4.9	4.9.23.x
WordPress / wordpress	4.8	4.8.22.x
WordPress / wordpress	4.7	4.7.26.x
WordPress / wordpress	4.6	4.6.26.x
WordPress / wordpress	4.5	4.5.29.x
WordPress / wordpress	4.4	4.4.30.x
WordPress / wordpress	4.3	4.3.31.x
WordPress / wordpress	4.2	4.2.35.x
WordPress / wordpress	4.1	4.1.38.x
fedoraproject / fedora	37	37.x
fedoraproject / fedora	38	38.x
WordPress / wordpress	-	5.8.8

Vulnerability Database

289,599

CVE-2023-39999