CVE-2024-5615

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jun 6, 2024

Updated: Jun 11, 2024

Summary

CVE-2024-5615 is a vulnerability affecting the Open Graph plugin for WordPress. This issue, present in versions up to 1.11.2, allows unauthenticated attackers to extract sensitive information through the 'opengraph_default_description' function. The vulnerability exposes partial content of password-protected blog posts, posing a significant risk to website security and privacy. Attackers can exploit this flaw to gain unauthorized access to sensitive data without needing authentication credentials. WordPress users are strongly advised to update the plugin as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wQ9bAJ
https://www.cve.org/CVERecord?id=CVE-2024-5615
https://nvd.nist.gov/vuln/detail/CVE-2024-5615

Back to Vulnerability Database

CVE-2024-5615

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations