← volver
CVE-2023-1371

W4 Post List < 2.4.6 - Subscriber+ Password Protected Post Content Disclosure

CVSS 6.5 MEDIUMEPSS 0.7%
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.5EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
17 abr 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The W4 Post List WordPress plugin before 2.4.6 does not ensure that password protected posts can be accessed before displaying their content, which could allow any authenticated users to access them
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Productos afectados
Unknown · W4 Post List