Описание
The Anonymous Restricted Content plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.6.2. This is due to insufficient restrictions through the REST API on the posts/pages that protections are being place on. This makes it possible for unauthenticated attackers to access protected content.
Ссылки
- Patch
- Patch
- Third Party Advisory
- Patch
- Patch
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.6.2 (включая)
cpe:2.3:a:cayenne:anonymous_restricted_content:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 64%
0.00465
Низкий
5.3 Medium
CVSS3
7.5 High
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 5.3
github
около 2 лет назад
The Anonymous Restricted Content plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.6.2. This is due to insufficient restrictions through the REST API on the posts/pages that protections are being place on. This makes it possible for unauthenticated attackers to access protected content.
EPSS
Процентиль: 64%
0.00465
Низкий
5.3 Medium
CVSS3
7.5 High
CVSS3
Дефекты
NVD-CWE-noinfo