CVE-2023-49162: 
WordPress vulnerability analysis and mitigation

CVE-2023-49162 is a Sensitive Information Exposure vulnerability affecting BigCommerce For WordPress plugin versions up to 5.1.2. The vulnerability was discovered by Joshua Chan and publicly disclosed on November 28, 2023. The issue allows unauthenticated attackers to access sensitive information through log file exposure (Patchstack).

The vulnerability is classified as CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). It has received a CVSS v3.1 base score of 7.5 (HIGH) from NIST with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, while Patchstack assigned a CVSS score of 5.3 (MEDIUM) with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N (NVD).

The vulnerability could allow malicious actors to view sensitive information that is normally not accessible to regular users. This exposed data could potentially be used to exploit other weaknesses in the system (Patchstack).

As of the latest reports, there is no official fix available for this vulnerability. The security issue has been assessed as having a low severity impact and is considered unlikely to be exploited (Patchstack).