CVE-2024-12434

Medium CVSS: 5.3

The SureMembers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.10.6 via the REST API. This makes it possible for unauthenticated attackers to extract sensitive data including restricted content.

Vendor

Product

CWE

CWE-200

Yayın Tarihi

2025-02-26 13:15:36

Güncelleme

2025-02-26 13:15:36

Source Identifier

security@wordfence.com

KEV Date Added

Kategoriler

CWE-200 MEDIUM 2025

Referanslar

https://suremembers.com/whats-new/ https://www.wordfence.com/threat-intel/vulnerabilities/id/f33e0019-e52e-464b-843d-a034e5205b2e?source=cve