- Description
- The Content No Cache: prevent specific content from being cached plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 0.1.2 via the eos_dyn_get_content action due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft posts that they should not have access to.
- Source
- security@wordfence.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- security@wordfence.com
- CWE-639
- Hype score
- Not currently trending
CVE Alert: CVE-2024-12103 - https://t.co/JOKs7JbLoC #OSINT #ThreatIntel #CyberSecurity #cve_2024_12103
@RedPacketSec
25 Dec 2024
113 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12103 Information Exposure in WordPress Plugin Leads to Data Leakage The Content No Cache plugin for WordPress has an Information Exposure vulnerability. This affects all versions, including 0.1.2. The i... https://t.co/HWRMJWXTpZ
@VulmonFeeds
24 Dec 2024
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12103 The Content No Cache: prevent specific content from being cached plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 0.1.… https://t.co/ciTSa2J4DY
@CVEnew
24 Dec 2024
458 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes