The Anonymous Restricted Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.5 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to logged-in users.
Metrics
Affected Vendors & Products
References
History
Thu, 21 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Cayenne
Cayenne anonymous Restricted Content |
|
Weaknesses | CWE-276 | |
CPEs | cpe:2.3:a:cayenne:anonymous_restricted_content:*:*:*:*:*:*:*:* | |
Vendors & Products |
Cayenne
Cayenne anonymous Restricted Content |
|
Metrics |
ssvc
|
Thu, 21 Nov 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The Anonymous Restricted Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.5 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to logged-in users. | |
Title | Anonymous Restricted Content <= 1.6.5 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | |
Weaknesses | CWE-200 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-11-21T13:55:32.191Z
Updated: 2024-11-21T14:23:02.953Z
Reserved: 2024-11-11T19:37:25.941Z
Link: CVE-2024-11089
Vulnrichment
Updated: 2024-11-21T14:22:39.200Z
NVD
Status : Received
Published: 2024-11-21T14:15:08.530
Modified: 2024-11-21T15:15:21.500
Link: CVE-2024-11089
Redhat
No data.