CVE-2024-0899
s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 230815 - Information Exposure
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.3EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
09 abr 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 230815 via the API. This makes it possible for unauthenticated attackers to see the contents of those posts and pages.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
clavaque · s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access SubscriptionsQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →