Security Advisory

CVE-2023-4036

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-30 14:22:01

Last updated 2025-05-02 15:47:12

Assigner WPScan

State PUBLISHED

Description

The Simple Blog Card WordPress plugin before 1.32 does not ensure that posts to be displayed via a shortcode are public, allowing any authenticated users, such as subscriber, to retrieve arbitrary post title and their content such as draft, private and password protected ones

← Browse all CVEs View on cve.org ↗