Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-24677

Disclosure Date: October 18, 2021 (last updated February 23, 2025)
The Find My Blocks WordPress plugin before 3.4.0 does not have authorisation checks in its REST API, which could allow unauthenticated users to enumerate private posts' titles.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0