CVE-2023-39999

Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.

Published: Oct 13, 2023
Updated: Nov 16, 2025
CVE: CVE-2023-39999
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
WordPress / wordpress	6.2	6.2.2.x
WordPress / wordpress	6.1	6.1.3.x
WordPress / wordpress	6.0	6.0.5.x
WordPress / wordpress	5.9	5.9.7.x
WordPress / wordpress	6.3	6.3.2
WordPress / wordpress	5.8	5.8.7.x
WordPress / wordpress	5.7	5.7.9.x
WordPress / wordpress	5.6	5.6.11.x
WordPress / wordpress	5.5	5.5.12.x
WordPress / wordpress	5.4	5.4.13.x
WordPress / wordpress	5.3	5.3.15.x
WordPress / wordpress	5.2	5.2.18.x
WordPress / wordpress	5.1	5.1.16.x
WordPress / wordpress	5.0	5.0.19.x
WordPress / wordpress	4.9	4.9.23.x
WordPress / wordpress	4.8	4.8.22.x
WordPress / wordpress	4.7	4.7.26.x
WordPress / wordpress	4.6	4.6.26.x
WordPress / wordpress	4.5	4.5.29.x
WordPress / wordpress	4.4	4.4.30.x
WordPress / wordpress	4.3	4.3.31.x
WordPress / wordpress	4.2	4.2.35.x
WordPress / wordpress	4.1	4.1.38.x
fedoraproject / fedora	37	37.x
fedoraproject / fedora	38	38.x
WordPress / wordpress	-	5.8.8

Vulnerability Database

309,961

CVE-2023-39999

Deep Security Visibility Without the Complexity