5 matches found
CVE-2024-10536
The FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handleblockshortcodeexport function in all versions up to, and including, 6.0.0. This...
CVE-2024-10536
The FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handleblockshortcodeexport function in all versions up to, and including, 6.0.0. This...
CVE-2024-10536
creationtimestamp| type| source ---|---|--- 2025-01-07 05:30:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113785425906406111 2025-01-07 05:33:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113785440067040917 2025-01-07 05:37:06+00:00| published-proof-of-concept|...
CVE-2024-10536 FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor <= 6.0.0 - Missing Authorization to Authenticated (Subscriber+) Shortcode Export
The FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handleblockshortcodeexport function in all versions up to, and including, 6.0.0. This...
CVE-2024-10536
CVE-2024-10536 concerns the FancyPost plugin for WordPress, where a missing capability check in handle_block_shortcode_export() allows authenticated users with Subscriber-level access and above to export shortcodes. The issue affects all versions up to 6.0.0 as stated in the description. Public d...