The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's page restriction and view page content.
History

Thu, 07 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-02-08T08:32:08.194Z

Updated: 2024-11-07T19:57:16.741Z

Reserved: 2024-01-26T17:50:50.628Z

Link: CVE-2024-0965

cve-icon Vulnrichment

Updated: 2024-08-01T18:26:30.433Z

cve-icon NVD

Status : Modified

Published: 2024-02-08T09:15:46.047

Modified: 2024-11-21T08:47:54.463

Link: CVE-2024-0965

cve-icon Redhat

No data.