Unrated severityNVD Advisory· Published Aug 29, 2024· Updated Apr 8, 2026
The Post Grid <= 7.7.11 - Authenticated (Contributor+) Information Disclosure
CVE-2024-7418
Description
The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.7.11 via the post_query_guten and post_query functions. This makes it possible for authenticated attackers, with contributor-level access and above, to extract information from posts that are not public (i.e. draft, future, etc..).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <=7.7.11
- techlabpro1/The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Gridv5Range: 0
Patches
Vulnerability mechanics
References
4- plugins.trac.wordpress.org/changeset/3142599/the-post-grid/trunk/app/Controllers/Blocks/BlockBase.phpmitre
- plugins.trac.wordpress.org/changeset/3142599/the-post-grid/trunk/app/Widgets/elementor/rtTPGElementorQuery.phpmitre
- plugins.trac.wordpress.org/changesetmitre
- www.wordfence.com/threat-intel/vulnerabilities/id/dddecb2e-9ad6-4e44-afce-5eba7da6322dmitre
News mentions
0No linked articles in our index yet.