Lucene search
+L

5 matches found

NVD
NVD
added 2023/05/02 8:15 a.m.33 views

CVE-2023-1911

The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example...

4.3CVSS4.4AI score0.0055EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/05/02 7:4 a.m.15 views

CVE-2023-1911 Blocksy Companion < 1.8.82 - Subscriber+ Draft Post Access

The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example...

4.4AI score0.0055EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/05/02 7:4 a.m.37 views

CVE-2023-1911 Blocksy Companion < 1.8.82 - Subscriber+ Draft Post Access

The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example...

4.6AI score0.0055EPSS
Exploits2References1
CVE
CVE
added 2023/05/02 7:4 a.m.98 views

CVE-2023-1911

Blocksy Companion (WordPress plugin by Creative Themes) before 1.8.82 contains an authorization flaw: posts accessible via a shortcode are not confirmed public, allowing any authenticated user (e.g., subscribers) to view draft content. This exposes draft posts to users who should not have access....

4.3CVSS4.7AI score0.0055EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/04/17 12:0 a.m.13 views

WordPress Blocksy Companion Plugin < 1.8.82 is vulnerable to Sensitive Data Exposure

Software Blocksy Companion Type Plugin Vulnerable versions 1.8.82 Fixed in 1.8.82 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-1911 Patch priority Medium CVSS severity Medium 4.3 Developer Creative Themes PSID a9848e95cc61 Credits Erwan LR WPScan...

4.3CVSS6.8AI score0.0055EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder