CVE-2024-10937
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Dec 5, 2024
CWE ID 284
Summary
CVE-2024-10937: The Related Posts plugin for WordPress, used by versions up to 2.0.58, has a Sensitive Information Exposure vulnerability. Unauthenticated attackers can exploit this issue through the wp_ajax_nopriv_related_post_ajax_get_post_ids AJAX action, gaining access to draft post titles. This vulnerability poses a significant risk as unauthorized individuals can obtain confidential information that is not yet ready for public release. WordPress users are advised to update the plugin to the latest version to mitigate this issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share