CVE-2024-0687

Name of the Vulnerable Software and Affected Versions Restrict User Access – Ultimate Membership & Content Protection plugin for WordPress versions up to, and including, 2.5

Description The issue allows unauthenticated attackers to obtain the contents of posts and pages via the API. This is an Information Exposure issue, making sensitive data accessible without proper authorization.

Recommendations For versions up to, and including, 2.5, update to a version later than 2.5 to resolve the issue. As a temporary workaround, consider restricting access to the API endpoints to minimize the risk of exploitation.