The Restrict – membership, site, content and user access restrictions for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.8 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Dec 2024 12:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The Restrict – membership, site, content and user access restrictions for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.8 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator. | |
Title | Restrict – membership, site, content and user access restrictions for WordPress <= 2.2.8 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | |
Weaknesses | CWE-200 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-12-11T12:24:18.746Z
Updated: 2024-12-11T14:37:08.633Z
Reserved: 2024-11-18T17:07:49.112Z
Link: CVE-2024-11351
Vulnrichment
Updated: 2024-12-11T14:37:04.571Z
NVD
Status : Received
Published: 2024-12-11T13:15:06.350
Modified: 2024-12-11T13:15:06.350
Link: CVE-2024-11351
Redhat
No data.