CVE-2024-13546

by Fred · 01/03/2025

The GenerateBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.1 via the ‘get_image_description’ function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the content of private, draft, and scheduled posts and pages.

More information : https://plugins.trac.wordpress.org/browser/generateblocks/trunk/includes/class-dynamic-content.php#L1047

CVE-2024-13546

Similar

Recent Posts

Categories

CVE-2024-13546

Share this:

Similar

Recent Posts

Categories

Tags