216 matches found
CVE-2024-0421 MapPress Maps for WordPress < 2.88.16 - Unauthenticated Arbitrary Private/Draft Post Disclosure
The MapPress Maps for WordPress plugin before 2.88.16 is affected by an IDOR as it does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts...
PT-2024-15544 · WordPress · Mappress Maps
Name of the Vulnerable Software and Affected Versions: MapPress Maps for WordPress versions prior to 2.88.16 Description: The issue affects the MapPress Maps for WordPress plugin, allowing unauthenticated users to read arbitrary private and draft posts due to an Insecure Direct Object Reference...
WordPress Plugin MapPress Maps Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability previously existed...
CVE-2024-0596
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the editorhtml function in all versions up to, and including, 6.1.7. This makes it possible for authenticated attackers, with...
CVE-2023-7199
The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0 allows any unauthenticated user to read draft and private posts via a crafted request...
CVE-2023-7199
The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0 allows any unauthenticated user to read draft and private posts via a crafted request...
CVE-2023-5922
The Royal Elementor Addons and Templates WordPress plugin before 1.3.81 does not ensure that users accessing posts via an AJAX action and REST endpoint, currently disabled in the plugin have the right to do so, allowing unauthenticated users to access arbitrary draft, private and password protect...
The Events Calendar < 6.2.9 - Unauthenticated Sensitive Information Exposure
Description The plugin is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.2.8.2 via the route function hooked into wpajaxnoprivtribedropdown. This makes it possible for unauthenticated attackers to extract potentially sensitive data including post titles and I...
CVE-2023-6077
The Slider WordPress plugin before 3.5.12 does not ensure that posts to be accessed via an AJAX action are slides and can be viewed by the user making the request, allowing any authenticated users, such as subscriber to access the content arbitrary post such as private, draft and password protect...
Royal Elementor Addons and Templates < 1.3.81 - Unauthenticated Arbitrary Post Read
Description The plugin does not ensure that users accessing posts via an AJAX action and REST endpoint, currently disabled in the plugin have the right to do so, allowing unauthenticated users to access arbitrary draft, private and password protected posts/pages content WooCommerce needs to be...
CVE-2023-5331 File Information Leak via IDOR in file_id in Draft Posts
Mattermost fails to properly check the creator of an attached file when adding the file to a draft post, potentially exposing unauthorized file information...
Mattermost Security Vulnerabilities
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from a failure to properly check the creator of an attachment when adding it to a draft post, which could lead to information disclosure...
CVE-2023-1911
The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example...
CVE-2023-1911
The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example...
CVE-2023-1911
Blocksy Companion (WordPress plugin by Creative Themes) before 1.8.82 contains an authorization flaw: posts accessible via a shortcode are not confirmed public, allowing any authenticated user (e.g., subscribers) to view draft content. This exposes draft posts to users who should not have access....
CVE-2023-1911 Blocksy Companion < 1.8.82 - Subscriber+ Draft Post Access
The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example...
CVE-2023-1426
The WP Tiles WordPress plugin through 1.1.2 does not ensure that posts to be displayed are not draft/private, allowing any authenticated users, such as subscriber to retrieve the titles of draft and privates posts for example. AN attacker could also retrieve the title of any other type of post...
CVE-2023-1426
CVE-2023-1426 affects the WordPress plugin WP Tiles up to version 1.1.2. The vulnerability arises because the plugin’s display logic does not ensure that posts shown are not drafts or private, allowing any authenticated user (e.g., subscribers) to retrieve the titles of draft/private posts and po...
CVE-2023-1426 WP Tiles <= 1.1.2 - Subscriber+ Draft/Private Post Title Disclosure
The WP Tiles WordPress plugin through 1.1.2 does not ensure that posts to be displayed are not draft/private, allowing any authenticated users, such as subscriber to retrieve the titles of draft and privates posts for example. AN attacker could also retrieve the title of any other type of post...
Blocksy Companion < 1.8.82 - Subscriber+ Draft Post Access
The plugin does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example PoC Run the below command in the developer console of the web browser while being on the blog as a...