CVE-2024-11154
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Nov 20, 2024
Updated: Nov 21, 2024
CWE ID 862
Summary
CVE-2024-11154 is a Sensitive Information Exposure vulnerability affecting the PublishPress Revisions plugin for WordPress. Versions up to 3.5.15 are impacted, allowing authenticated attackers with Subscriber-level access and above to extract sensitive data. The vulnerability is located in the 'actAjaxRevisionDiffs' function, enabling attackers to access revisions of posts and pages, posing a significant security risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share