CVE-2024-0965

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Feb 8, 2024

Updated: Feb 15, 2024

Summary

CVE-2024-0965 is a vulnerability affecting the Simple Page Access Restriction plugin for WordPress. This issue allows unauthenticated attackers to bypass page restrictions via the plugin's REST API, resulting in sensitive information exposure. Versions up to and including 1.0.21 are vulnerable. This vulnerability poses a significant risk, as it enables attackers to view content that should be restricted, potentially leading to data breaches or unauthorized access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uS0ZU9
https://www.cve.org/CVERecord?id=CVE-2024-0965
https://nvd.nist.gov/vuln/detail/CVE-2024-0965

Back to Vulnerability Database

CVE-2024-0965

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations