| CVE编号 | CVE-2024-13430 |
|---|---|
| 发布日期 | 2025-03-12T08:21:37.013Z |
| 更新日期 | 2025-03-12T14:24:08.555Z |
| 状态 | PUBLISHED |
| 受影响的供应商 | softaculous |
| 受影响的产品 | Page Builder: Pagelayer – Drag and Drop website builder |
| 描述 | The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.8 via the 'pagelayer_builder_posts_shortcode' function due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private posts that they should not have access to. |
参考链接:
