CVE-2024-0909

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 3, 2024

Updated: Feb 8, 2024

Summary

CVE-2024-0909 is a newly disclosed vulnerability affecting the Anonymous Restricted Content plugin for WordPress. In versions up to 1.6.2, this plugin fails to implement adequate restrictions through its REST API, leading to information disclosure. Unauthenticated attackers can exploit this vulnerability to access protected content, posing a significant risk to websites using this plugin. It is recommended that users immediately update to the latest version or consider disabling the plugin until a patch is available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uSH03J
https://www.cve.org/CVERecord?id=CVE-2024-0909
https://nvd.nist.gov/vuln/detail/CVE-2024-0909

Back to Vulnerability Database

CVE-2024-0909

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations