CVE-2024-10695 – Futurio Extra Plugin for WordPress Information Exposure Vulnerability

11月 12, 2024
5:16 am

CVE ID : CVE-2024-10695

Published : Nov. 12, 2024, 4:15 a.m. | 1 hour, 1 minute ago

Description : The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.0.13 via the ‘elementor-template’ shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts that they should not have access to.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-10695 – Futurio Extra Plugin for WordPress Information Exposure Vulnerability

Elvescore.io

Recent Posts

CVE-2024-12949 – Code-projects Travel Management System SQL Injection Vulnerability

CVE-2024-12950 – Adobe Code-Projects Travel Management System SQL Injection Vulnerability

CVE-2024-47148 – Honor Privilege Assignment Vulnerability

CVE-2024-47153 – Honor Information Leak Vulnerability

CVE-2024-47154 – Honor Information Leak Vulnerability

CVE-2024-47155 – Honor Information Leak Vulnerability

CVE-2024-10695 – Futurio Extra Plugin for WordPress Information Exposure Vulnerability

CVE-2024-10695 – Futurio Extra Plugin for WordPress Information Exposure Vulnerability