- Description
- The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.29 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as logged-in users.
- Source
- security@wordfence.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- security@wordfence.com
- CWE-200
- Hype score
- Not currently trending
CVE-2024-11295 Sensitive Data Exposure in WordPress Plugin Through Core Search Feature The Simple Page Access Restriction plugin for WordPress has a vulnerability in all versions up to 1.0.29. It can expose sensi... https://t.co/4V8hZ4aPRM
@VulmonFeeds
18 Dec 2024
15 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11295 The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.29 via the WordPress… https://t.co/FtrPc7VsoP
@CVEnew
18 Dec 2024
514 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes