Source: patchstack
Author: Peng Zhou
ID: PATCHSTACK:E7496A87D2DF0E2F52C0341AF5F50CDE
Date: Apr 22, 2024 - 12:00 a.m.

WordPress Post Grid and Gutenberg Blocks Plugin <= 2.2.78 is vulnerable to Sensitive Data Exposure

2024-04-22 00:00:00
Peng Zhou
patchstack.com

CVSS3: 7.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score: 6.5
Confidence: High

Software: Post Grid and Gutenberg Blocks
Type: Plugin
Vulnerable versions: <= 2.2.78
Fixed in: 2.2.79
OWASP Top 10: A1: Broken Access Control
Classification: Sensitive Data Exposure
CVE: CVE-2024-32816
Patch priority: High
CVSS severity: High (7.5)
PSID: 4274dff100bf
Credits: Peng Zhou
Required privilege: Unauthenticated
Published: 22 April, 2024

Remove and replace plugin

Solution

We advise mitigating or resolving the vulnerability immediately.

Affected configurations

Vulners

Node: pickplugins post_grid, Range 2.2.78, wordpress

Vendor: pickplugins
Product: post_grid
Version: *
CPE: cpe:2.3:a:pickplugins:post_grid:*:*:*:*:*:wordpress:*:*
