Medium severity6.5NVD Advisory· Published Apr 9, 2024· Updated Apr 8, 2026
CVE-2024-2093
CVE-2024-2093
Description
The VK All in One Expansion Unit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.95.0.1 via social meta tags. This makes it possible for unauthenticated attackers to view limited password protected content.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:vektor-inc:vk_all_in_one_expansion_unit:*:*:*:*:*:wordpress:*:*Range: <9.96.0.0
- Range: <=9.95.0.1
Patches
Vulnerability mechanics
References
3- plugins.trac.wordpress.org/changesetnvdPatch
- github.com/vektor-inc/vk-all-in-one-expansion-unit/pull/1072nvdIssue TrackingVendor Advisory
- www.wordfence.com/threat-intel/vulnerabilities/id/ea2b5dca-42a5-49d4-800d-b268572968a9nvdThird Party Advisory
News mentions
0No linked articles in our index yet.