CVE-2024-2950
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
The BoldGrid Easy SEO – Simple and Effective SEO plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.14 via meta information (og:description) This makes it possible for unauthenticated attackers to view the first 130 characters of a password protected post which can contain sensitive information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| boldgrid | BoldGrid Easy SEO – Simple and Effective SEO | 0 <= 1.6.14 | affected |
Weaknesses
- CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://www.wordfence.com/threat-intel/vulnerabilities/id/d502e617-a59f-4385-b050-3702a1b1ed7e?source=cve
- https://plugins.trac.wordpress.org/browser/boldgrid-easy-seo/tags/1.6.15/includes/class-boldgrid-seo-admin.php?rev=3064911
References
- https://www.wordfence.com/threat-intel/vulnerabilities/id/d502e617-a59f-4385-b050-3702a1b1ed7e?source=cve
- https://plugins.trac.wordpress.org/browser/boldgrid-easy-seo/tags/1.6.15/includes/class-boldgrid-seo-admin.php?rev=3064911
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.