CVE-2024-1476 in Under Construction Maintenance Mode Plugininformazioni

Riassunto

di MITRE • 28/02/2024

The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6 via the REST API. This makes it possible for unauthenticated attackers to obtain the contents of posts and pages when maintenance mode is active thus bypassing the protection provided by the plugin.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsabile

Wordfence

Prenotare

13/02/2024

Divulgazione

28/02/2024

Moderazione

accettato

CPE

pronto

EPSS

0.00479

KEV

no

Attività

molto basso

Fonti

Do you know our Splunk app?

Download it now for free!