The MAS Static Content plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.8 via the static_content() function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract potentially sensitive information from private static content pages.
References
Configurations
History
02 Oct 2024, 16:42
Type | Values Removed | Values Added |
---|---|---|
First Time |
Madrasthemes mas Static Content
Madrasthemes |
|
CPE | cpe:2.3:a:madrasthemes:mas_static_content:*:*:*:*:*:wordpress:*:* | |
References | () https://plugins.trac.wordpress.org/browser/mas-static-content/tags/1.0.8/includes/class-mas-static-content-shortcodes.php#L35 - Product | |
References | () https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3151679%40mas-static-content&new=3151679%40mas-static-content&sfp_email=&sfph_mail= - Patch | |
References | () https://www.wordfence.com/threat-intel/vulnerabilities/id/794bc5cd-c9ac-4583-ae3d-a92361374b5f?source=cve - Third Party Advisory | |
CWE | NVD-CWE-noinfo | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
26 Sep 2024, 13:32
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
25 Sep 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-25 03:15
Updated : 2024-10-02 16:42
NVD link : CVE-2024-8483
Mitre link : CVE-2024-8483
CVE.ORG link : CVE-2024-8483
JSON object : View
Products Affected
madrasthemes
- mas_static_content
CWE