CVE-2024-7063

NVD Published Date: August 15, 2024 at 06:15 AM
NVD Last Modified: August 15, 2024 at 01:01 PM
Download Patch
Vulnerability ID
CVE-2024-7063
Severity
MEDIUM
Severity Score
4.3
Summary
The ElementsKit Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.6 via the 'render_raw' function. This can allow authenticated attackers, with Contributor-level permissions and above, to extract sensitive data including private, future, and draft posts.
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE ID
None

Recent Publish

CVE-2024-7064

CVE-2024-7411

CVE-2024-43275

CVE-2024-7831

CVE-2024-7829

CVE-2024-7828

See SecOps Solution
in action

Schedule Demo