Lucene search
HistoryMar 05, 2024 - 2:15 a.m.
CVE-2024-1769
wordpress
information exposure
password protection
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
0
Percentile
9.0%
The JM Twitter Cards plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 12 via the meta description data. This makes it possible for unauthenticated attackers to view password protected post content when viewing the page source.
Related
prion
prion
Design/Logic Flaw
2024-03-05 02:15:00
cve
cve
CVE-2024-1769
2024-03-05 02:15:27
vulnrichment
vulnrichment
CVE-2024-1769
2024-03-05 01:56:03
cvelist
cvelist
CVE-2024-1769
2024-03-05 01:56:03
wpvulndb
wpvulndb
JM Twitter Cards < 14.1.0 - Password Protected Post Access
2024-03-04 00:00:00
wordfence
wordfence
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-1769