CVE-2024-11282

Medium CVSS: 5.3

The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.10 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator.

Vendor

Wpchill

Product

Passster

CWE

CWE-200

Yayın Tarihi

2025-01-07 07:15:25

Güncelleme

2025-06-05 15:42:54

Source Identifier

security@wordfence.com

KEV Date Added

Kategoriler

CWE-200 Passster MEDIUM Wpchill 2025

Referanslar

https://plugins.trac.wordpress.org/changeset/3211004/content-protector https://www.wordfence.com/threat-intel/vulnerabilities/id/11782a65-30b9-400e-8fe0-ab9f05ba5e42?source=cve

Benzer Kayıtlar

High

CVE-2025-13646

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validatio…

High

CVE-2025-13645

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path val…

Medium

CVE-2024-9416

The Modula Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bundled Fanc…

High

CVE-2024-12853

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validatio…