Medium severity5.3NVD Advisory· Published Dec 11, 2024· Updated Jun 17, 2026
CVE-2024-12294
CVE-2024-12294
Description
The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.1 via the 'get_legacy_cookies' function. This makes it possible for unauthenticated attackers to extract sensitive data including titles and permalinks of private, password-protected, pending, and draft posts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=1.0.1
- Range: <=1.0.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.