mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-01 11:11:27 +00:00
25 lines
1022 B
JSON
25 lines
1022 B
JSON
{
|
|
"id": "CVE-2024-0421",
|
|
"sourceIdentifier": "contact@wpscan.com",
|
|
"published": "2024-02-12T16:15:08.620",
|
|
"lastModified": "2024-08-30T13:15:12.090",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The MapPress Maps for WordPress plugin before 2.88.16 is affected by an IDOR as it does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El complemento MapPress Maps para WordPress anterior a 2.88.16 no garantiza que las publicaciones que se recuperar\u00e1n mediante una acci\u00f3n AJAX sean un mapa p\u00fablico, lo que permite a usuarios no autenticados leer publicaciones arbitrarias privadas y borradores."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://wpscan.com/vulnerability/587acc47-1966-4baf-a380-6aa479a97c82/",
|
|
"source": "contact@wpscan.com"
|
|
}
|
|
]
|
|
} |