CVE-2024-0681

The Page Restriction WordPress WP – Protect WP Pages/Post plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.3.4. This is due to the plugin not properly restricting access to pages via the REST API when a page has been made private. This makes it...

CVE-2022-45073

CVE-2022-45073 describes a CSRF vulnerability in the WordPress REST API Authentication plugin (versions ≤ 2.4.0). The issue arises from the plugin not performing CSRF checks when updating settings, potentially allowing an authenticated attacker to trigger unintended settings changes through forge...