Vulnerabilities > CVE-2024-0910 - Unspecified vulnerability in Restrict for Elementor

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

restrict

NVD

Published: 2024-06-06

Updated: 2024-07-25

Summary

The Restrict for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.6 due to improper restrictions on hidden data that make it accessible through the REST API. This makes it possible for unauthenticated attackers to extract potentially sensitive data from post content.

Vulnerable Configurations

Part	Description	Count
Application	Restrict Restrict Restrict FOR Elementor *	1

References

https://www.wordfence.com/threat-intel/vulnerabilities/id/14993c04-7fe3-4c42-a605-2e431df14d79?source=cve
https://wordpress.org/plugins/restrict-for-elementor/