The Document Embedder WordPress plugin before 1.7.5 contains a REST endpoint, which could allow unauthenticated users to enumerate the title of arbitrary private and draft posts.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/c6f24afe-d273-4f87-83ca-a791a385b06b | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2022-02-01T12:21:26
Updated: 2022-02-01T12:21:26
Reserved: 2021-01-14T00:00:00
Link: CVE-2021-24775
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-02-01T13:15:08.580
Modified: 2022-02-04T17:50:40.483
Link: CVE-2021-24775
JSON object: View
Redhat Information
No data.
CWE