CVE-2024-13228

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-359
View all →

Vulnerability Description

The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.13 via the 'qubely_get_content'. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, scheduled, password-protected, draft, and trashed post data.

Related Vulnerabilities

CVE-2022-20942

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security ...

CWE-3592022

CVE-2023-22918

MEDIUM
CVSS:6.5(Medium)

A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W)...

CWE-3592023

CVE-2024-27850

MEDIUM
CVSS:6.5(Medium)

This issue was addressed with improvements to the noise injection algorithm. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, Safari 17.5, iOS 17.5 and iPadOS 17.5. A maliciously crafted webpag...

CWE-3592024

CVE-2024-29987

MEDIUM
CVSS:6.5(Medium)

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CWE-3592024

CVE-2024-42347

MEDIUM
CVSS:6.5(Medium)

matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user's account data to cause the client to enable URL previews ...

CWE-3592024

CVE-2024-45787

HIGH
CVSS:6.5(Medium)

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to transmission of sensitive information in plain text in certain API endpoints. An authenticated remote attacker could exploit this vuln...

CWE-3592024