CVE-2024-0881
Combo Blocks < 2.2.76 - Unauthenticated Password Protected Posts Access
The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not have proper authorization, resulting in password protected posts to be displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Productos afectados
Unknown · Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →