Lucene search
WPScanCVE-2023-6257HistoryApr 11, 2024 - 5:15 a.m.
CVE-2023-6257
2024-04-1105:15:47
WPScan
web.nvd.nist.gov
33
nvd
organization reservation
security problem
The Inline Related Posts WordPress plugin before 3.6.0 is missing authorization in an AJAX action to ensure that users are allowed to see the content of the posts displayed, allowing any authenticated user, such as subscriber to retrieve the content of password protected posts
Affected configurations
Node
data443inline_related_postsRange<3.6.0wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| data443 | inline_related_posts | * | cpe:2.3:a:data443:inline_related_posts:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"vendor": "Unknown",
"product": "Inline Related Posts",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "3.6.0"
}
],
"defaultStatus": "unaffected"
}
]Related
cvelist
cvelist
wpvulndb
wpvulndb
Inline Related Posts < 3.6.0 - Subscriber+ Password Protected Post Read
2024-03-21 00:00:00
vulnrichment
vulnrichment
wpexploit
wpexploit
Inline Related Posts < 3.6.0 - Subscriber+ Password Protected Post Read
2024-03-21 00:00:00
nvd
nvd
CVE-2023-6257
2024-04-11 05:15:47
wordfence
wordfence