CVE-2024-11153

Name of the Vulnerable Software and Affected Versions The Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More plugin for WordPress versions prior to 2.5.1

Description The issue allows unauthenticated attackers to extract sensitive data from restricted posts via the WordPress core search feature. This affects posts that have been restricted to higher-level roles, such as logged-in users.

Recommendations For versions prior to 2.5.1, update to version 2.5.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the WordPress core search feature until the update is applied.