CVE-2024-10692
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Dec 6, 2024
CWE ID 639
Summary
CVE-2024-10692 is a newly disclosed vulnerability affecting the PowerPack Elementor Addons plugin used in WordPress sites. The issue lies within the Content Reveal widget and allows authenticated attackers with Contributor-level access or higher to access data from password-protected, private, or draft posts. This Information Exposure vulnerability puts sensitive information at risk, potentially leading to privacy breaches. All versions up to and including 2.8.1 are affected. Users are urged to update the plugin as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share