
CVE-2022-43504: Improper authentication in WordPress.org WordPress

Medium
Published: Mon Dec 05 2022 (12/05/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: WordPress.org
Product: WordPress

Description

Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.

AI-Powered Analysis

AI analysis last updated: 06/24/2025, 03:55:55 UTC

Technical Analysis

CVE-2022-43504 is an improper authentication vulnerability affecting WordPress versions prior to 6.0.3. The flaw resides in the WordPress Post by Email feature, which allows users to publish blog posts by sending an email to a configured address. Due to improper authentication controls, a remote unauthenticated attacker can exploit this vulnerability to retrieve the email address of the user who posted a blog. This information disclosure does not require any user interaction or prior authentication, making it accessible over the network with low attack complexity. The vulnerability impacts confidentiality by exposing user email addresses, which could be leveraged for targeted phishing, social engineering, or further attacks. However, it does not affect the integrity or availability of the WordPress installation or its content. The issue has been addressed in WordPress version 6.0.3 and all versions since 3.7 have received patched releases. No known exploits are currently reported in the wild. The CVSS v3.1 base score is 5.3 (medium severity), reflecting the limited impact confined to information disclosure without broader system compromise. The vulnerability is classified under CWE-287 (Improper Authentication), highlighting a failure to properly verify user identity before disclosing sensitive information.

Potential Impact

For European organizations using WordPress versions prior to 6.0.3, this vulnerability poses a moderate risk primarily related to confidentiality breaches. Exposure of user email addresses can facilitate spear-phishing campaigns, targeted social engineering, and potentially credential stuffing attacks if attackers correlate leaked emails with other data breaches. Organizations with public-facing WordPress blogs or those using the Post by Email feature are particularly at risk. While the vulnerability does not allow direct content manipulation or service disruption, the leakage of email addresses can undermine user privacy and trust, especially under stringent European data protection regulations such as GDPR. This could lead to regulatory scrutiny and reputational damage if exploited. The impact is more pronounced for entities with high-profile blogs or those managing sensitive communications via WordPress. However, the absence of known active exploitation and the availability of patches mitigate the immediate threat level.

Mitigation Recommendations

1. Immediately upgrade all WordPress installations to version 6.0.3 or later (or the patched security release for your branch, which the developer provides for every branch since 3.7) to apply the official fix for this vulnerability.
2. Disable the Post by Email feature if it is not actively used, reducing the attack surface.
3. Implement strict access controls and monitoring on the mailbox and email addresses configured for posting to detect any unauthorized access attempts.
4. Conduct regular audits of WordPress user accounts and associated email addresses to identify any unusual activity or exposure.
5. Educate users and administrators about phishing risks stemming from leaked email addresses and enforce multi-factor authentication (MFA) on associated accounts where possible.
6. Employ web application firewalls (WAFs) with rules to detect and block suspicious requests targeting the Post by Email functionality.
7. Monitor security advisories and threat intelligence feeds for any emerging exploits related to this vulnerability so you can respond promptly.
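The following must-use plugin is an added example of how mitigation steps 1 and 2 can be enforced from code; it is not part of this advisory or of WordPress itself. It relies on two things that do exist in WordPress core: the `enable_post_by_email_configuration` filter, which `wp-mail.php` and the Settings > Writing screen consult before allowing Post by Email, and `get_bloginfo( 'version' )` for the installed core version. The file name, plugin header and notice wording are assumptions. The version check compares only against 6.0.3, the fixed release named above; a site running a backported security release on an older branch is also patched, so treat the notice as a reminder rather than a definitive vulnerability test.

```php
<?php
/**
 * Plugin Name: Post by Email hardening (added example, not part of the advisory)
 * Description: Disables the Post by Email feature and reminds administrators
 *              while the installed WordPress core is older than 6.0.3.
 *
 * Place this file in wp-content/mu-plugins/ so it loads on every request
 * without activation. File name and plugin header are assumptions.
 */

// Core evaluates this filter in wp-mail.php (dying with a 403 when it is
// false) and on Settings > Writing (hiding the configuration fields).
// Returning false removes the Post by Email attack surface (mitigation step 2).
add_filter( 'enable_post_by_email_configuration', '__return_false' );

// Mitigation step 1 is the real fix: run patched core. Show an admin notice
// to users who can update core while the version is still below 6.0.3.
// Assumption: the site is not on a backported security release of an older
// branch; if it is, the notice is a false positive and can be ignored.
add_action( 'admin_notices', function () {
    if ( ! current_user_can( 'update_core' ) ) {
        return;
    }

    $installed = get_bloginfo( 'version' );

    if ( version_compare( $installed, '6.0.3', '<' ) ) {
        printf(
            '<div class="notice notice-error"><p>%s</p></div>',
            esc_html( sprintf(
                'WordPress %s predates the 6.0.3 fix for CVE-2022-43504. Update to 6.0.3 or later, or to the patched security release for your branch.',
                $installed
            ) )
        );
    }
} );
```

Because the filter is applied before `wp-mail.php` does any mailbox work, requests to that endpoint stop at the 403 even if mailbox credentials remain in the options table; clearing those credentials under Settings > Writing (or removing them after upgrading) is still worthwhile once the feature is retired.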


Technical Details

Data Version
5.1
Assigner Short Name
jpcert
Date Reserved
2022-10-22T00:00:00.000Z
Cisa Enriched
true

Threat ID: 682d9840c4522896dcbf1330

Added to database: 5/21/2025, 9:09:20 AM

Last enriched: 6/24/2025, 3:55:55 AM

Last updated: 8/17/2025, 12:37:10 AM
