Descrição
In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine’s web crawler if an unusual configuration were chosen. The search engine could then index and display a user’s e-mail address and (rarely) the password that was generated by default.
Software
Não informado
Tipo Software
Core
CVE
CVE-2018-20151
Tags
Nâo informado
Data de publicação
14/12/2018
Última atualização
08/12/2024
Pontuação em CVSS 3.0
---
Não medido