4 matches found
CVE-2024-10671
creationtimestamp| type| source ---|---|--- 2024-11-21 05:40:41+00:00| seen| https://infosec.exchange/users/cve/statuses/113519338529264658...
CVE-2024-10671 Button Block – Get fully customizable & multi-functional buttons <= 1.1.4 - Authenticated (Contributor+) Post Disclosure
The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.4 via the btnblock shortcode due to insufficient restrictions on which posts can be included. This makes it possible for...
CVE-2024-10671 Button Block – Get fully customizable & multi-functional buttons <= 1.1.4 - Authenticated (Contributor+) Post Disclosure
The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.4 via the btnblock shortcode due to insufficient restrictions on which posts can be included. This makes it possible for...
WordPress Button Block Plugin <= 1.1.4 is vulnerable to Broken Authentication
Software Button Block Type Plugin Vulnerable versions = 1.1.4 Fixed in 1.1.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10671 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID ae07da220d1c Credits...