GCVE - cpe:2.3:a:pickplugins:post_grid_combo:-:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:pickplugins:post_grid_combo:-:*:*:*:*:wordpress:*:*

part: a version: - update: *

Vendor	Pickplugins (`03c448d6-40a7-5ce8-8d7e-bbbe6a0aa644`)
Product	Post Grid Combo (`a330c671-59c9-563d-ad09-f5d3a4b95da9`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-10937`	vulnerable	2026-06-03 14:54:13.027027	Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins <= 2.0.58 - Sensitive Information Exposure MEDIUM (5.3) The Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.58 via the wp_ajax_nopriv_related_post_ajax_get_post_ids AJAX action. This makes it possible for unauthenticated attackers to extract sensitive data including titles of posts in draft status. Published: 2024-12-05T08:23:59.347Z Updated: 2026-04-08T17:04:41.082Z Open on db.gcve.eu Reference links https://www.wordfence.com/threat-intel/vulnerabilities/id/85f7c69d-0b48-47af-9451-3cfd4326ffe5?source=cve https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3199720%40related-post%2Ftrunk&old=3126666%40related-post%2Ftrunk&sfp_email=&sfph_mail=	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.