Описание
The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.6 via the /wp-json/post-grid/v2/get_users REST API This makes it possible for unauthenticated attackers to extract sensitive data including including emails and other user data.
Ссылки
- Product
- Patch
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.3.7 (исключая)
cpe:2.3:a:pickplugins:post_grid:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 51%
0.00279
Низкий
5.3 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 5.3
github
11 месяцев назад
The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.6 via the /wp-json/post-grid/v2/get_users REST API This makes it possible for unauthenticated attackers to extract sensitive data including including emails and other user data.
EPSS
Процентиль: 51%
0.00279
Низкий
5.3 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo