CVE-2024-4997 Information
Jun 06, 2024
cve
Description
The WPUpper Share Buttons plugin for WordPress is vulnerable to unauthorized access of data when preparing sharing links for posts and pages in all versions up to and including 3.43. This makes it possible for unauthenticated attackers to obtain the contents of password protected posts and pages.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Reference
https://www.wordfence.com/threat-intel/vulnerabilities/id/c68ec00c-20a5-461d-bf72-c3190d29c9cf?source=cve https://wordpress.org/plugins/wpupper-share-buttons/
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
NONE
Base Score
NONE
Base Severity
5.3
Share on: