cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11280,https://securityvulnerability.io/vulnerability/CVE-2024-11280,Sensitive Information Exposure Vulnerability in PPWP Plugin for WordPress,"CVE-2024-11280 is a significant vulnerability affecting the PPWP – Password Protect Pages plugin for WordPress that exposes sensitive information. This vulnerability arises from the use of the WordPress core search feature, which inadvertently allows unauthenticated attackers to access and extract sensitive data from posts restricted to higher-level roles, such as administrators. All versions of the plugin up to and including 1.9.5 are at risk, emphasizing the need for website owners to update their plugins promptly to safeguard sensitive information.",Wordpress,PpWP – Password Protect Pages,5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-12-17T11:24:29.909Z,0
CVE-2024-0620,https://securityvulnerability.io/vulnerability/CVE-2024-0620,Sensitive Information Exposure in PPWP – Password Protect Pages Plugin for WordPress,"The Password Protect Pages plugin for WordPress is susceptible to sensitive information exposure due to improper handling of API requests. This vulnerability affects all versions up to and including 1.8.9. Unauthenticated attackers can exploit this flaw to access sensitive data, including post titles, IDs, and slugs, along with metadata for password-protected content. Such exposure can lead to further security risks, including unauthorized access to sensitive information that should remain protected.",Wordpress,PpWP – Password Protect Pages,5.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,false,false,2024-02-29T01:43:00.000Z,0