{"uuid": "0d11f3c4-aba0-4835-8813-2b5d859c896d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4917", "type": "seen", "source": "https://t.me/arpsyndicate/1710", "content": "#ExploitObserverAlert\n\nCVE-2023-4917\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4917. The Leyka plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.30.3 via the 'leyka_ajax_get_env_and_options' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including Sberbank API key and password, PayPal Client Secret, and more keys and passwords.\n\nFIRST-EPSS: 0.000490000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-12-11T06:29:18.000000Z"}