3 matches found
CVE-2024-0910 Restrict for Elementor <= 1.0.7 - Protection Mechanism Bypass
The Restrict for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 due to improper restrictions on hidden data that make it accessible through the REST API. This makes it possible for unauthenticated attackers to extract...
CVE-2024-0910
CVE-2024-0910 concerns the WordPress plugin Restrict for Elementor, affecting all versions up to 1.0.6. Root cause: improper restrictions on hidden data exposed via the REST API, enabling unauthenticated attackers to extract potentially sensitive information from post content. Documented impact i...
WordPress Restrict for Elementor Plugin <= 1.0.7 is vulnerable to Bypass Vulnerability
Software Restrict for Elementor Type Plugin Vulnerable versions = 1.0.7 Fixed in 1.0.8 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-0910 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6eb55a6738d5 Credits Francesco Carlucci Required...