5 matches found
CVE-2024-12447
creationtimestamp| type| source ---|---|--- 2024-12-14 05:48:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113649603175317845 2024-12-14 06:49:44+00:00| seen| https://t.me/cvedetector/12918...
CVE-2024-12447
The Get Post Content Shortcode plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 0.4 via the 'post-content' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2024-12447 Get Post Content Shortcode <= 0.4 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Disclosure via post_content Shortcode
The Get Post Content Shortcode plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 0.4 via the 'post-content' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2024-12447 Get Post Content Shortcode <= 0.4 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Disclosure via post_content Shortcode
The Get Post Content Shortcode plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 0.4 via the 'post-content' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2024-12447
CVE-2024-12447 is a vulnerability in the Get Post Content Shortcode plugin for WordPress, affecting all versions up to 0.4. It enables Insecure Direct Object Reference via the post_content shortcode due to missing validation on a user-controlled key, allowing authenticated attackers with Contribu...