Lucene search
Krzysztof Zając (CERT PL)WPEX-ID:1664697E-0EA3-4D09-B2FD-153A104EC255HistoryMar 11, 2024 - 12:00 a.m.
Hubbub Lite < 1.33.1 - Unauthenticated Password Protected Posts Access
2024-03-1100:00:00
Krzysztof Zając (CERT PL)
28
hubbub lite password protection unauthenticated access exploit
Description The plugin does not ensure that user have access to password protected post before displaying its content in a meta tag.
When the "Disable Open Graph Meta Tags" settings of the plugin is disabled, view the source of a password protected post and note its content being disclosed in the "og:description" meta property tag.Related
cvelist
cvelist
cve
cve
CVE-2024-1526
2024-04-01 05:15:07
nvd
nvd
CVE-2024-1526
2024-04-01 05:15:07
vulnrichment
vulnrichment
wpvulndb
wpvulndb
Hubbub Lite < 1.33.1 - Unauthenticated Password Protected Posts Access
2024-03-11 00:00:00
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Related for WPEX-ID:1664697E-0EA3-4D09-B2FD-153A104EC255