Security Advisory

CVE-2023-1911

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-05-02 07:04:59

Last updated 2025-01-30 14:29:36

Assigner WPScan

State PUBLISHED

Description

The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example

← Browse all CVEs View on cve.org ↗