Security Advisory

CVE-2023-6257

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-11 05:00:02

Last updated 2025-03-26 20:47:15

Assigner WPScan

State PUBLISHED

Description

The Inline Related Posts WordPress plugin before 3.6.0 is missing authorization in an AJAX action to ensure that users are allowed to see the content of the posts displayed, allowing any authenticated user, such as subscriber to retrieve the content of password protected posts

← Browse all CVEs View on cve.org ↗