Advanced Post Block
Approved changes feed: RSS · Atom
cpe:2.3:a:abuhayat:advanced_post_block:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Abuhayat (242b6787-5027-502f-a15b-d5a8ab3664b4) |
|---|---|
| Product | Advanced Post Block (9731c0d2-cdb5-5a9e-a26f-161e758a6d07) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-0908 |
vulnerable | 2026-06-03 14:54:04.468315 |
Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page <= 1.13.4 - Missing Authorization to Information Disclosure
MEDIUM (5.3)
The Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the apbPosts() function hooked via an AJAX action in all versions up to, and including, 1.13.4. This makes it possible for unauthenticated attackers to retrieve all post data, including those that may be password protected.
Published: 2024-05-02T16:52:24.157Z
Updated: 2026-04-08T17:06:37.650Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.