Descrição
The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.37 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator.
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2024-11299
Tags
Nâo informado
Data de publicação
22/04/2025
Última atualização
24/04/2025
Pontuação em CVSS 3.0
5.3
Médio