CVE-2024-10937

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 5, 2024
CWE ID 284

Summary

CVE-2024-10937: The Related Posts plugin for WordPress, used by versions up to 2.0.58, has a Sensitive Information Exposure vulnerability. Unauthenticated attackers can exploit this issue through the wp_ajax_nopriv_related_post_ajax_get_post_ids AJAX action, gaining access to draft post titles. This vulnerability poses a significant risk as unauthorized individuals can obtain confidential information that is not yet ready for public release. WordPress users are advised to update the plugin to the latest version to mitigate this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share