cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12560,https://securityvulnerability.io/vulnerability/CVE-2024-12560,Sensitive Information Exposure Vulnerability in Button Block Plugin for WordPress,"CVE-2024-12560 represents a significant security vulnerability in the Button Block – a popular customizable button plugin for WordPress. This vulnerability allows authenticated attackers, specifically those with Contributor-level access and higher, to exploit the 'btn_block_duplicate_post' function. It enables them to extract potentially sensitive data from draft, scheduled, private, and password-protected posts. As such, it poses a serious risk for website security and data integrity, emphasizing the need for immediate updates to safeguard against unauthorized data retrieval.",Wordpress,Button Block – Get Fully Customizable & Multi-functional Buttons,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-12-19T07:05:47.462Z,0
CVE-2024-10671,https://securityvulnerability.io/vulnerability/CVE-2024-10671,Information Exposure Vulnerability in The Button Block Plugin,"The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.4 via the [btn_block] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to.",Wordpress,Button Block – Get Fully Customizable & Multi-functional Buttons,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-11-21T05:33:51.413Z,0