CVE-2024-0421
- Reference to the description:
- Description:
- The MapPress Maps for WordPress plugin before 2.88.16 is affected by an IDOR as it does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts.
- Last updated date:
- 10/04/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/04/2024
- Reference url to background
https://wpscan.com/vulnerability/587acc47-1966-4baf-a380-6aa479a97c82/