Описание
The MAS Static Content plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.8 via the static_content() function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract potentially sensitive information from private static content pages.
The MAS Static Content plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.8 via the static_content() function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract potentially sensitive information from private static content pages.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-8483
- https://plugins.trac.wordpress.org/browser/mas-static-content/tags/1.0.8/includes/class-mas-static-content-shortcodes.php#L35
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3151679%40mas-static-content&new=3151679%40mas-static-content&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/794bc5cd-c9ac-4583-ae3d-a92361374b5f?source=cve
Связанные уязвимости
The MAS Static Content plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.8 via the static_content() function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract potentially sensitive information from private static content pages.