Image Regenerate & Select Crop < 7.3.1 – Sensitive Information Exposure | CVE 2023-46820

Affects Plugins

Fixed in 7.3.1

References

CVE

CVE-2023-46820

URL

https://patchstack.com/database/vulnerability/image-regenerate-select-crop/wordpress-image-regenerate-select-crop-plugin-7-3-0-sensitive-data-exposure-via-log-file-vulnerability

Classification

Type

SENSITIVE DATA DISCLOSURE

OWASP top 10

A3: Sensitive Data Exposure

CWE

CWE-200

CVSS

5.3 (medium)

Miscellaneous

Original Researcher

Joshua Chan

Verified

No

WPVDB ID

24bbe88a-aed3-45ab-8515-0fae98de8b10

Timeline

Publicly Published

2023-10-09 (about 2 years ago)

Added

2023-12-13 (about 2 years ago)

Last Updated

2023-12-13 (about 2 years ago)

Other

Published

Title

Published

2026-02-17

Title

Simple Ajax Chat < 20260217 - Unauthenticated Information Exposure

Published

2022-06-02

Title

Co-Authors-Plus 3.5/3.5.1 - Guest Authors Email Address Disclosure

Published

2025-05-16

Title

Wishlist <= 2.1.0 - Authenticated (Subscriber+) Information Exposure

Published

2022-06-28

Title

SP Project & Document Manager < 4.58 - Sensitive File Disclosure

Published

2025-10-14

Title

Simple Job Board < 2.13.8 - Unauthenticated Sensitive Information Exposure