CVE-2024-0881

Published: Apr 11, 2024

Modified: Oct 31, 2024

PUBLISHED

Description

The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not have proper authorization, resulting in password protected posts to be displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts

Vendor	Product	Versions
Unknown	Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel	affected `0 - < 2.2.76`

References

https://wpscan.com/vulnerability/e460e926-6e9b-4e9f-b908-ba5c9c7fb290/

exploit

vdb-entry

technical-description

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-0881

Description

Affected Products

References