WordPress Share Drafts Publicly Plugin <= 1.1.4 - Authenticated Information Disclosure Vulnerability
Because of this vulnerability, a user would now need to have access to a valid nonce to be able to make a draft public. WordPress Share Drafts Publicly users don’t have access to a draft could use the functionality to view it since the AJAX request was accessible to anyone logged in to WordPress...