4 matches found
CVE-2024-10669
creationtimestamp| type| source ---|---|--- 2024-11-09 04:40:02+00:00| seen| https://infosec.exchange/users/cve/statuses/113451152276638271 2024-11-09 06:35:51+00:00| seen| https://t.me/cvedetector/10272...
CVE-2024-10669 Countdown Timer block – Display the event's date into a timer. <= 1.2.4 - Authenticated (Contributor+) Post Disclosure
The Countdown Timer block – Display the events date into a timer. plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.4 via the ctb shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated...
CVE-2024-10669
CVE-2024-10669 affects the WordPress plugin “Countdown Timer block – Display the event’s date into a timer.” The issue is Information Exposure via the [ctb] shortcode in all versions up to and including 1.2.4, allowing authenticated users with Contributor-level access or higher to retrieve data f...
WordPress Countdown Timer Plugin <= 1.2.4 is vulnerable to Sensitive Data Exposure
Software Countdown Timer Type Plugin Vulnerable versions = 1.2.4 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Sensitive Data Exposure CVE CVE-2024-10669 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 97d2e3a5c021 Credits Francesco Carlucci Required privilege...