Описание
The VK All in One Expansion Unit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.95.0.1 via social meta tags. This makes it possible for unauthenticated attackers to view limited password protected content.
Ссылки
- Issue TrackingVendor Advisory
- Patch
- Third Party Advisory
- Issue TrackingVendor Advisory
- Patch
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.96.0.0 (исключая)
cpe:2.3:a:vektor-inc:vk_all_in_one_expansion_unit:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 78%
0.01135
Низкий
6.5 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.5
github
почти 2 года назад
The VK All in One Expansion Unit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.95.0.1 via social meta tags. This makes it possible for unauthenticated attackers to view limited password protected content.
EPSS
Процентиль: 78%
0.01135
Низкий
6.5 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo