CVE-2024-11089
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-11089 is a vulnerability affecting the Anonymous Restricted Content plugin for WordPress. In versions up to and including 1.6.5, this plugin fails to adequately protect sensitive information. Unauthenticated attackers can exploit this weakness through the WordPress core search feature, providing them access to restricted data in posts that are intended for logged-in users only. This issue poses a significant risk, as sensitive information may include personal details, passwords, or other confidential data. Users are strongly urged to update the plugin to a patched version to mitigate this exposure.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.