exploitDog

CVE-2024-1769

Опубликовано: 05 мар. 2024

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

The JM Twitter Cards plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 12 via the meta description data. This makes it possible for unauthenticated attackers to view password protected post content when viewing the page source.

Ссылки

https://wordpress.org/plugins/jm-twitter-cards/
Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/b48e5973-6923-47cc-a660-ecc989f540f8?source=cve
Third Party Advisory
https://wordpress.org/plugins/jm-twitter-cards/
Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/b48e5973-6923-47cc-a660-ecc989f540f8?source=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jmlapam:jm_twitter_cards:*:*:*:*:*:wordpress:*:*

Версия до 14.1.0 (исключая)

EPSS

Процентиль: 43%

0.00208

Низкий

5.3 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-9qgv-7wf9-26xp

CVSS3: 5.3

github

почти 2 года назад

The JM Twitter Cards plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 12 via the meta description data. This makes it possible for unauthenticated attackers to view password protected post content when viewing the page source.

EPSS

Процентиль: 43%

0.00208

Низкий

5.3 Medium

CVSS3

Дефекты

NVD-CWE-noinfo