Lucene search
WPScanCVELIST:CVE-2024-0881HistoryApr 11, 2024 - 3:36 p.m.
CVE-2024-0881 Combo Blocks < 2.2.76 - Unauthenticated Password Protected Posts Access
2024-04-1115:36:31
WPScan
www.cve.org
2
cve-2024-0881 combo blocks
post grid
form maker
popup maker
woocommerce blocks
post blocks
post carousel
unauthenticated ajax
password protected posts
unauthenticated access
The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not have proper authorization, resulting in password protected posts to be displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts
CNA Affected
[
{
"vendor": "Unknown",
"product": "Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "2.2.76"
}
],
"defaultStatus": "unaffected"
}
]Related
cve
cve
CVE-2024-0881
2024-04-11 16:15:24
nuclei
nuclei
Combo Blocks < 2.2.76 - Improper Access Control
2024-05-01 14:27:37
nvd
nvd
CVE-2024-0881
2024-04-11 16:15:24
wpvulndb
wpvulndb
Combo Blocks < 2.2.76 - Unauthenticated Password Protected Posts Access
2024-03-19 00:00:00
wpexploit
wpexploit
Combo Blocks < 2.2.76 - Unauthenticated Password Protected Posts Access
2024-03-19 00:00:00
vulnrichment
vulnrichment