Security Advisory

CVE-2024-13796

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-28 04:21:55

Last updated 2026-04-08 16:33:05

Assigner Wordfence

State PUBLISHED

Description

The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.6 via the /wp-json/post-grid/v2/get_users REST API This makes it possible for unauthenticated attackers to extract sensitive data including including emails and other user data.

← Browse all CVEs View on cve.org ↗