4 matches found
CVE-2024-1984
creationtimestamp| type| source ---|---|--- 2024-04-11 06:10:41+00:00| seen| https://t.me/arpsyndicate/4451...
CVE-2024-1984 Graphene <= 2.9.2 - Missing Authorization
The Graphene theme for WordPress is vulnerable to unauthorized access of data via meta tag in all versions up to, and including, 2.9.2. This makes it possible for unauthenticated individuals to obtain post contents of password protected posts via the generated source...
CVE-2024-1984
CVE-2024-1984 affects the WordPress Graphene theme (versions ≤ 2.9.2). The issue allows unauthenticated users to access post contents of password-protected posts via a meta tag in the page source, indicating a missing authorization check (low-severity info exposure). Reported by Krzysztof Zając a...
WordPress Graphene Theme <= 2.9 is vulnerable to Broken Access Control
Software Graphene Type Theme Vulnerable versions = 2.9 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1984 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID dadc68068747 Credits Krzysztof Zając Required privilege...