Sight – Professional Image Gallery And Portfolio
Approved changes feed: RSS · Atom
cpe:2.3:a:codesupplyco:sight_–_professional_image_gallery_and_portfolio:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Codesupplyco (6c9f6ce0-e480-5f84-8175-81b81292b27d) |
|---|---|
| Product | Sight – Professional Image Gallery And Portfolio (824d9c4e-cdd3-5a55-b5c1-ef63f2ab4cd5) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-9025 |
vulnerable | 2026-06-08 07:00:26.497740 |
Sight – Professional Image Gallery and Portfolio <= 1.1.2 - Missing Authorization to Sensitive Information Exposure in handler_post_title
MEDIUM (5.3)
The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handler_post_title' function in all versions up to, and including, 1.1.2. This makes it possible for unauthenticated attackers to expose private, pending, trashed, and draft post titles. Successful exploitation requires the Elementor plugin to be installed and activated.
Published: 2024-09-26T08:29:46.489Z
Updated: 2026-04-08T17:33:58.415Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.