admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-30 18:20:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-0881.md

18 lines
974 B
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2024-0881](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0881)
Update CVE sources 2024-08-31 19:52
2024-08-31 19:52:39 +00:00
![](https://img.shields.io/static/v1?label=Product&message=Post%20Grid%2C%20Form%20Maker%2C%20Popup%20Maker%2C%20WooCommerce%20Blocks%2C%20Post%20Blocks%2C%20Post%20Carousel&color=blue)
Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
![](https://img.shields.io/static/v1?label=Version&message=0%3C%202.2.76%20&color=brighgreen)
Update CVE sources 2024-08-31 19:52
2024-08-31 19:52:39 +00:00
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863%20Improper%20Access%20Control&color=brighgreen)
Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### Description
Update CVE sources 2024-08-31 19:52
2024-08-31 19:52:39 +00:00
The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not have proper authorization, resulting in password protected posts to be displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts
Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### POC
#### Reference
- https://wpscan.com/vulnerability/e460e926-6e9b-4e9f-b908-ba5c9c7fb290/
#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Reference in New Issue Copy Permalink