CVE-2024-1287

The pmpro-member-directory WordPress plugin before 1.2.6 does not prevent users with at least the contributor role from leaking other users' sensitive information, including password hashes.

CVSS

No CVSS.

References

Link	Resource
https://wpscan.com/vulnerability/169e5756-4e12-4add-82e9-47471c30f08c/

Configurations

No configuration.

History

30 Jul 2024, 13:32

Type	Values Removed	Values Added
Summary		(es) El complemento de WordPress pmpro-member-directory anterior a 1.2.6 no impide que los usuarios con al menos el rol de colaborador filtren información confidencial de otros usuarios, incluidos los hashes de contraseñas.

30 Jul 2024, 06:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-30 06:15

Updated : 2024-07-30 13:32

NVD link : CVE-2024-1287

Mitre link : CVE-2024-1287

CVE.ORG link : CVE-2024-1287

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2024-1287

Attach tags to `CVE-2024-1287`