3 matches found
CVE-2024-0681
The Page Restriction WordPress WP – Protect WP Pages/Post plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.3.4. This is due to the plugin not properly restricting access to pages via the REST API when a page has been made private. This makes it...
CVE-2024-0681
CVE-2024-0681 affects the WordPress plugin Page Restriction WordPress (WP) – Protect WP Pages/Post . It discloses information by failing to restrict access to private pages via the REST API in all versions up to 1.3.4. The underlying issue is improper REST API access control, allowing unauthentic...
WordPress Page Restriction WordPress (WP) Plugin <= 1.3.4 is vulnerable to Bypass Vulnerability
Software Page Restriction WordPress WP Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-0681 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID cfef51f8afd9 Credits Francesco Carlucci...