5 matches found
WordPress Context Blog theme <= 1.2.5 - Unauthenticated Private Post Disclosure vulnerability
Unauthenticated Private Post Disclosure vulnerability discovered by jsonc in WordPress Theme Context Blog versions = 1.2.5...
CVE-2024-13514 B Slider- Gutenberg Slider Block for WP <= 1.1.23 - Authenticated (Contributor+) Private Post Disclosure via bsb-slider Shortcode
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.5 via the 'bsb-slider' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, wi...
WordPress Essential Grid plugin <= 3.1.1 - Unauthenticated Private Post Disclosure vulnerability
Unauthenticated Private Post Disclosure vulnerability discovered by 1337Wannabe in WordPress Plugin Essential Grid versions = 3.1.1...
CVE-2023-7199 Relevanssi (Free < 4.22.0, Premium < 2.25.0) - Unauthenticated Private/Draft Post Disclosure
The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0 allows any unauthenticated user to read draft and private posts via a crafted request...
CVE-2023-7199 Relevanssi (Free < 4.22.0, Premium < 2.25.0) - Unauthenticated Private/Draft Post Disclosure
The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0 allows any unauthenticated user to read draft and private posts via a crafted request...