CVE-2023-52187 MEDIUM

CVE-2023-52187: WordPress Image Source Control Plugin <= 2.17.0 is vulnerable to Sensitive Data Exposure

Vendor Thomas Maier
Product Image Source Control Lite – Show Image Credits and Captions
Weakness CWE-200 · Info exposure
Published January 26, 2024
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Thomas Maier Image Source Control Lite – Show Image Credits and Captions.This issue affects Image Source Control Lite – Show Image Credits and Captions: from n/a through 2.17.0.

Key dates

02Disclosure timeline

January 26, 2024 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2021-39192 Privilege escalation: all users can access Admin-level API keys CVE-2021-32770 Basic-auth app bundle credential exposure in gatsby-source-wordpress CVE-2025-40645 Exposure of sensitive information in Viday CVE-2021-20331 MongoDB C# Driver may publish events containing authentication-related data to a command listener configured by an application CVE-2026-33300 Discourse: Hidden group names and access metadata are exposed to moderators through the `category-chatables` endpoint