Post Lockdown

DATE	CVE	VULNERABILITY TITLE	RISK
2025-03-08	CVE-2025-1504	Missing Authorization vulnerability in Andypalmer Post Lockdown The Post Lockdown plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.0.2 via the 'pl_autocomplete' AJAX action due to insufficient restrictions on which posts can be included. network low complexity andypalmer CWE-862	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.