Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2024-0421
HistoryFeb 12, 2024 - 4:15 p.m.

Code injection

2024-02-1216:15:00
PRIOn knowledge base
www.prio-n.com
2
mappress
wordpress
code injection
security vulnerability
unauthenticated access
ajax action
private posts

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

The MapPress Maps for WordPress plugin before 2.88.16 does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts.

Related

nvd 1
cvelist 1
wpexploit 1
wpvulndb 1
cve 1
nvd
nvd
CVE-2024-0421
2024-02-12 16:15:08
cvelist
cvelist
CVE-2024-0421 MapPress Maps for WordPress < 2.88.16 - Unauthenticated Arbitrary Private/Draft Post Disclosure
2024-02-12 16:05:57
wpexploit
wpexploit
MapPress Maps for WordPress < 2.88.16 - Unauthenticated Arbitrary Private/Draft Post Disclosure
2024-01-17 00:00:00
wpvulndb
wpvulndb
MapPress Maps for WordPress < 2.88.16 - Unauthenticated Arbitrary Private/Draft Post Disclosure
2024-01-17 00:00:00
cve
cve
CVE-2024-0421
2024-02-12 16:15:08

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for PRION:CVE-2024-0421
nvd1cvelist1wpexploit1wpvulndb1cve1