Sensitive Information Exposure in GenerateBlocks Plugin for WordPress
CVE-2024-1452
4.3MEDIUM
What is CVE-2024-1452?
The GenerateBlocks plugin for WordPress exhibits a vulnerability that allows authenticated users with contributor-level access or higher to view sensitive content. This includes access to posts and pages that are in draft status, marked as private, or scheduled for future publication. Exploitation of this vulnerability could lead to unauthorized exposure of unpublished content, undermining user privacy and content integrity.
Affected Version(s)
GenerateBlocks * <= 1.8.2