WordPress Core is vulnerable to a potential information leak through its REST-API in versions up to 6.0.3. If you have access to certain details such as terms and tags for a post, it is possible to see information about posts that don’t belong to you, even if they are marked as private. This does not reveal any sensitive information.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
