4 matches found
CVE-2024-1472
The WP Maintenance plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.1.6 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's maintenance mode obtain post and page content via REST API...
CVE-2024-1472
The WP Maintenance plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.1.6 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's maintenance mode obtain post and page content via REST API...
CVE-2024-1472
The CVE-2024-1472 entry covers WP Maintenance for WordPress. Affected versions are up to 6.1.6, where an information-exposure flaw in the REST API allows unauthenticated actors to bypass maintenance mode and retrieve post/page content. The issue is confirmed by multiple sources in the Connected d...
WordPress WP Maintenance Plugin <= 6.1.6 is vulnerable to Sensitive Data Exposure
Software WP Maintenance Type Plugin Vulnerable versions = 6.1.6 Fixed in 6.1.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-1472 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1d4373c9ff44 Credits Francesco Carlucci Required...