WordPress Albo Pretorio Online Plugin <= 4.6.6 is vulnerable to Sensitive Data Exposure
CVE-2024-22301

7.5HIGH

Key Information:

Vendor: WordPress
Status: Albo Pretorio On line
Vendor: CVE Published:; 24 January 2024

What is CVE-2024-22301?

The vulnerability affects Ignazio Scimone's Albo Pretorio On line, exposing sensitive information to unauthorized actors. This issue impacts versions of the product up to 4.6.6. Organizations using these versions may be at risk of having confidential data accessed by malicious entities, highlighting the importance of timely updates and security measures to protect sensitive information.

Affected Version(s)

Albo Pretorio On line <= 4.6.6

References

https://patchstack.com/database/vulnerability/albo-pretor...

vdb-entry

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 24, 2024
Vulnerability Reserved
Jan 8, 2024

Credit

Muhammad Daffa (Patchstack Alliance)