2 matches found
CVE-2024-0969 ARMember <= 4.0.24 - Improper Access Control to Sensitive Information Exposure via REST API
The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's "Default Restriction" feature and view restricted post content...
WordPress ARMember Plugin <= 4.0.24 is vulnerable to Sensitive Data Exposure
Software ARMember Type Plugin Vulnerable versions = 4.0.24 Fixed in 4.0.25 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0969 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 16435d63d3f2 Credits Francesco Carlucci Required...