CVE-2024-1083

The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.6 via the REST API. This makes it possible for authenticated attackers to bypass the plugin's restrictions to extract post titles and content...

CVE-2024-11106

CVE-2024-11106 affects the Simple Restrict WordPress plugin, exposing sensitive data from restricted posts unauthenticated via WordPress core search in all versions up to 1.2.7. Red Hat and Wordfence entries confirm the vulnerability and its impact; remediation is to upgrade to 1.2.7+ (patched).

CVE-2024-11106 Simple Restrict <= 1.2.7 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.7 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

CVE-2024-11106 Simple Restrict <= 1.2.7 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.7 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

PT-2024-16767 · WordPress · Simple Restrict

Name of the Vulnerable Software and Affected Versions: Simple Restrict plugin for WordPress versions up to, and including, 1.2.7 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as administrators, via the WordPress...

WordPress plugin Simple Restrict 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Simple Restrict plugin <= 1.2.7 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability

Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Simple Restrict versions = 1.2.7...

CVE-2024-1083

The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.6 via the REST API. This makes it possible for authenticated attackers to bypass the plugin's restrictions to extract post titles and content...

Code injection

The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.6 via the REST API. This makes it possible for authenticated attackers to bypass the plugin's restrictions to extract post titles and content...

CVE-2024-1083

The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.6 via the REST API. This makes it possible for authenticated attackers to bypass the plugin's restrictions to extract post titles and content...

CVE-2024-1083

CVE-2024-1083 refers to the WordPress plugin Simple Restrict (affected versions:

CVE-2024-1083 Simple Restrict <= 1.2.6 - Missing Authorization to Sensitive Information Exposure

The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.6 via the REST API. This makes it possible for authenticated attackers to bypass the plugin's restrictions to extract post titles and content...

WordPress Plugin Simple Restrict Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Simple Restrict Plugin <= 1.2.6 is vulnerable to Broken Access Control

Software Simple Restrict Type Plugin Vulnerable versions = 1.2.6 Fixed in 1.2.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1083 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 00883e26c04f Credits Francesco Carlucci Required...