928 matches found

Prion
added 2022/02/01 1:15 p.m., 15 views

Design/Logic Flaw

The Document Embedder WordPress plugin before 1.7.5 contains a REST endpoint, which could allow unauthenticated users to enumerate the title of arbitrary private and draft posts...

CVSS 5, AI score 5.4, EPSS 0.00856
Exploits 2, References 1, Affected Software 1
Cvelist
added 2022/02/01 12:21 p.m., 12 views

CVE-2021-24775 Document Embedder < 1.7.5 - Unauthenticated Arbitrary Private/Draft Post Title Disclosure

The Document Embedder WordPress plugin before 1.7.5 contains a REST endpoint, which could allow unauthenticated users to enumerate the title of arbitrary private and draft posts...

AI score 5.7, EPSS 0.00856
Exploits 2, References 1
CNNVD
added 2022/02/01 12:00 a.m., 3 views

WordPress security vulnerability

WordPress is a blogging platform developed by the WordPress Foundation in PHP. The Document Embedder WordPress plugin prior to version 1.7.9 has a title enumeration vulnerability, which stems from the fact that the plugin includes an AJAX action endpoint that can be...

CVSS 4.3, AI score 5.6, EPSS 0.00274
Exploits 2, References 2
CNNVD
added 2022/02/01 12:00 a.m., 4 views

WordPress security vulnerability

WordPress is a blogging platform developed by the WordPress Foundation in PHP, and Document Embedder is an application plugin for it. WordPress Document Embedder plugin versions prior to 1.7.5 contain an information disclosure vulnerability that could be exploited to all...

CVSS 5.3, AI score 5.8, EPSS 0.00856
Exploits 2, References 2
NVD
added 2022/01/24 8:15 a.m., 8 views

CVE-2021-24733

The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally...

CVSS 4.3, EPSS 0.00186
Exploits 2, References 1
OSV
added 2022/01/10 4:15 p.m., 1 view

CVE-2021-24948

The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tpgetdlpostinfoajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts...

CVSS 7.5, AI score 5.8, EPSS 0.01662
Exploits 2, References 2
wpexploit
added 2022/01/03 12:00 a.m., 88 views

Document Embedder < 1.7.5 - Unauthenticated Arbitrary Private/Draft Post Title Disclosure

The plugin contains a REST endpoint which could allow unauthenticated users to enumerate the titles of arbitrary private and draft posts, e.g. https://example.com/wp-json/doc/v1/single/509, 509 being the ID of a private/draft post...

CVSS 5.3, AI score 2, EPSS 0.00856
Exploits 2
Patchstack
added 2022/01/03 12:00 a.m., 11 views

WordPress Document Embedder plugin <= 1.7.6 - Arbitrary Private/Draft Post Title Disclosure vulnerability

Arbitrary Private/Draft Post Title Disclosure vulnerability discovered by apple502j in WordPress Document Embedder plugin versions <= 1.7.6. Solution: Update the WordPress Document Embedder plugin to the latest available version, at least 1.7.8...

CVSS 4.3, AI score 2.5, EPSS 0.00274
Exploits 2, References 3, Affected Software 1
Patchstack
added 2022/01/03 12:00 a.m., 15 views

WordPress Document Embedder plugin <= 1.7.4 - Unauthenticated Arbitrary Private/Draft Post Title Disclosure vulnerability

Unauthenticated Arbitrary Private/Draft Post Title Disclosure vulnerability discovered by apple502j in WordPress Document Embedder plugin versions <= 1.7.4. Solution: Update the WordPress Document Embedder plugin to the latest available version, at least 1.7.5...

CVSS 5.3, AI score 2.6, EPSS 0.00856
Exploits 2, References 3, Affected Software 1
WPVulnDB
added 2022/01/03 12:00 a.m., 14 views

Document Embedder < 1.7.9 - Subscriber+ Arbitrary Private/Draft Post Title Disclosure

The plugin contains an AJAX action endpoint which could allow any authenticated user, such as a subscriber, to enumerate the titles of arbitrary private and draft posts. PoC: As any authenticated user, 1764 being the ID of a private/draft post...

CVSS 4.3, AI score 0.7, EPSS 0.00274
Exploits 2, Affected Software 1
wpexploit
added 2022/01/03 12:00 a.m., 118 views

Document Embedder < 1.7.9 - Subscriber+ Arbitrary Private/Draft Post Title Disclosure

The plugin contains an AJAX action endpoint which could allow any authenticated user, such as a subscriber, to enumerate the titles of arbitrary private and draft posts. As any authenticated user, 1764 being the ID of a private/draft post...

CVSS 4.3, AI score 0.6, EPSS 0.00274
Exploits 2
WPVulnDB
added 2022/01/03 12:00 a.m., 19 views

Document Embedder < 1.7.5 - Unauthenticated Arbitrary Private/Draft Post Title Disclosure

The plugin contains a REST endpoint which could allow unauthenticated users to enumerate the titles of arbitrary private and draft posts. PoC: https://example.com/wp-json/doc/v1/single/509, 509 being the ID of a private/draft post...

CVSS 5.3, AI score 1.5, EPSS 0.00856
Exploits 2, Affected Software 1
WPVulnDB
added 2021/12/27 12:00 a.m., 23 views

WP Post Page Clone < 1.2 - Unauthorised Post Access

The plugin allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts, which they cannot normally view. PoC: Go to All Posts, find the post to clone, click "Click to Clone", then edit the cloned post to see its content...

CVSS 4.3, AI score 3.2, EPSS 0.00186
Exploits 2, Affected Software 1
Huntr
added 2021/12/16 9:56 a.m., 10 views

Improper Access Control in splitbrain/dokuwiki

Description: Users can access drafts of restricted files if they have create permissions on the same namespace and the ability to choose their own usernames, due to conflicting cache names. This can reveal draft contents, delete the draft, and overwrite the draft content of the restricted file...

AI score 0.5
Exploits 0
Huntr
added 2021/12/14 9:47 a.m., 19 views

Cross-Site Request Forgery (CSRF) in splitbrain/dokuwiki

Description: Although a security token is present in the delete-draft POST request, it is not checked in the backend by the checkSecurityToken CSRF check. Proof of Concept 1: As a logged-in user, create a draft page; in the data/cache directory of the server, run the command to confirm a draft has...

AI score 0.2
Exploits 0
wpexploit
added 2021/12/13 12:00 a.m., 261 views

The Plus Addons for Elementor Pro < 5.0.7 - Sensitive Data Disclosure

The plugin does not validate the qvquery parameter of the tpgetdlpostinfoajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts. The following request allows an unauthenticated user to get the draft posts; the nonce can be retriev...

CVSS 7.5, AI score 1.2, EPSS 0.01662
Exploits 2, References 1
Github Security Blog
added 2021/12/06 11:57 p.m., 30 views

Permissions not properly checked in Invenio-Drafts-Resources

Impact: Invenio-Drafts-Resources does not properly check permissions when a record is published. The vulnerability is exploitable in a default installation of InvenioRDM. An authenticated user is able, via REST API calls, to publish draft records of other users if they know the record identifier and...

CVSS 6.4, AI score 0.4, EPSS 0.00194
Exploits 1, References 6, Affected Software 3
OSV
added 2021/12/06 6:15 p.m., 11 views

CVE-2021-43781

Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable in a default...

CVSS 4.3, AI score 4.4
Exploits 0, References 2
PyPA
added 2021/12/06 6:15 p.m., 5 views

PYSEC-2021-837

Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable in a default...

CVSS 6.4, AI score 7, EPSS 0.00194
Exploits 1, References 2, Affected Software 1
OSV
added 2021/12/06 6:15 p.m., 18 views

PYSEC-2021-838

Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable in a default...

CVSS 6.4, AI score 3.7, EPSS 0.00194
Exploits 1, References 2