Lucene search
Improved Include Page Security Vulnerabilities
cve
The Improved Include Page WordPress plugin through 1.2 allows passing shortcode attributes with post_type & post_status which can be used to retrieve arbitrary content. This way, users with a role as low as Contributor can gain access to content they are not supposed...
6.5CVSS
6.5AI Score
0.001EPSS
2021-12-13 11:15 AM
14