2 matches found
CVE-2024-0908
The Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the apbPosts function hooked via an AJAX action in all versions up to, and including, 1.13.4. This makes it possible...
WordPress Advanced Post Block - Post Grid for WordPress block editor Plugin <= 1.13.4 is vulnerable to Broken Access Control
Software Advanced Post Block - Post Grid for WordPress block editor Type Plugin Vulnerable versions = 1.13.4 Fixed in 1.13.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-0908 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID...