3 matches found
CVE-2023-7072
The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.68 via the 'getposts' REST API Endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including full draft...
CVE-2023-7072
CVE-2023-7072 affects the Post Grid Combo – 36+ Gutenberg Blocks WordPress plugin. All versions up to 2.2.68 expose sensitive data via the get_posts REST API endpoint, allowing unauthenticated access to full draft posts, password-protected posts, and passwords. The issue is an Information Exposur...
WordPress Post Grid and Gutenberg Blocks Plugin <= 2.2.68 is vulnerable to Sensitive Data Exposure
Software Post Grid and Gutenberg Blocks Type Plugin Vulnerable versions = 2.2.68 Fixed in 2.2.69 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-7072 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 22574660ebb2 Credits Hung -mov...