Descrição
The GenerateBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.1 via the ‘get_image_description’ function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the content of private, draft, and scheduled posts and pages.
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2024-13546
Tags
Nâo informado
Data de publicação
01/03/2025
Última atualização
02/03/2025
Pontuação em CVSS 3.0
4.3
Médio