CVE-2023-4036
- Reference to the description:
- Description:
- The Simple Blog Card WordPress plugin before 1.32 does not ensure that posts to be displayed via a shortcode are public, allowing any authenticated users, such as subscriber, to retrieve arbitrary post title and their content such as draft, private and password protected ones
- Last updated date:
- 09/01/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 09/01/2023
- Reference url to background
https://wpscan.com/vulnerability/de3e1718-c358-4510-b142-32896ffeb03f