Unrated severityNVD Advisory· Published Apr 11, 2024· Updated Oct 31, 2024
Combo Blocks < 2.2.76 - Unauthenticated Password Protected Posts Access
CVE-2024-0881
Description
The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not have proper authorization, resulting in password protected posts to be displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<2.2.76+ 1 more
- (no CPE)range: <2.2.76
- (no CPE)range: <2.2.76
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/e460e926-6e9b-4e9f-b908-ba5c9c7fb290/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.