- Description
- The Full Screen Menu for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.7 via the Full Screen Menu Elementor Widget due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with contributor-level access and above, to extract data from private or draft posts created with Elementor that they should not have access to.
- Source
- security@wordfence.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- security@wordfence.com
- CWE-639
- Hype score
- Not currently trending
CVE-2024-10797 Information Exposure Vulnerability in Full Screen Menu Elementor Plugin The Full Screen Menu for Elementor plugin for WordPress has an Information Exposure vulnerability in versions up to 1.0.7. Th... https://t.co/91U2jdSQRq
@VulmonFeeds
21 Dec 2024
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10797 The Full Screen Menu for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.7 via the Full Screen Menu El… https://t.co/zdoPvHCA85
@CVEnew
21 Dec 2024
125 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes