Lucene search

WpvulndbWPVDB-ID:6FAA229B-78B7-40D0-95C6-FC1937407254

HistoryApr 30, 2024 - 12:00 a.m.

Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks < 2.2.79 - Unauthenticated Sensitive Information Exposure

2024-04-3000:00:00

wpscan.com

wordpress

plugin

vulnerability

unauthenticated

sensitive information

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

Percentile

9.0%

JSON

Description The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.78. This makes it possible for unauthenticated attackers to extract sensitive information.

References

www.wordfence.com/threat-intel/vulnerabilities/id/fb057a32-0027-4ca6-b65e-8634509c9a81

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

Percentile

9.0%

JSON

Related for WPVDB-ID:6FAA229B-78B7-40D0-95C6-FC1937407254