mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
958 B
958 B
CVE-2024-2543
Description
The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_uri_editor' function in all versions up to, and including, 2.4.3.1. This makes it possible for unauthenticated attackers to view the permalinks of all posts.
POC
Reference
- https://gist.github.com/Xib3rR4dAr/a248426dfee107c6fda08e80f98fa894
- https://gist.github.com/Xib3rR4dAr/a248426dfee107c6fda08e80f98fa894
Github
No PoCs found on GitHub currently.