Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/23 10:30 a.m.10 views

CVE-2024-0881

The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not have proper authorization, resulting in password protected posts to be displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to rea...

5.4CVSS6.9AI score0.16906EPSS
Exploits2References1
patchstack
patchstack
added 2024/04/15 12:0 a.m.12 views

WordPress Post Grid and Gutenberg Blocks Plugin < 2.2.76 is vulnerable to Broken Access Control

Software Post Grid and Gutenberg Blocks Type Plugin Vulnerable versions 2.2.76 Fixed in 2.2.76 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-0881 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8983e099562f Credits Krzysztof Zając...

5.4CVSS6.9AI score0.16906EPSS
Exploits2References4Affected Software1
cve
cve
added 2024/04/11 3:36 p.m.86 views

CVE-2024-0881

The CVE-2024-0881 entry concerns the WordPress Combo Blocks ecosystem (Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel) prior to version 2.2.76. Root cause: improper access control allows unauthenticated AJAX actions to reveal password-protected posts, enabling ...

5.4CVSS6.5AI score0.16906EPSS
Exploits2References1Affected Software1
vulnrichment
vulnrichment
added 2024/04/11 3:36 p.m.18 views

CVE-2024-0881 Combo Blocks < 2.2.76 - Unauthenticated Password Protected Posts Access

The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not have proper authorization, resulting in password protected posts to be displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to rea...

6.5AI score0.16906EPSS
Exploits2References1
cvelist
cvelist
added 2024/04/11 3:36 p.m.30 views

CVE-2024-0881 Combo Blocks < 2.2.76 - Unauthenticated Password Protected Posts Access

The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not have proper authorization, resulting in password protected posts to be displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to rea...

6.8AI score0.16906EPSS
Exploits2References1
Rows per page
Query Builder