CVE-2024-0910

Name of the Vulnerable Software and Affected Versions Restrict for Elementor plugin for WordPress versions 1.0.0 through 1.0.6

Description The issue concerns Sensitive Information Exposure due to improper restrictions on hidden data, making it accessible through the REST API. This allows unauthenticated attackers to extract potentially sensitive data from post content.

Recommendations For versions 1.0.0 through 1.0.6, update to a version later than 1.0.6 to resolve the issue. As a temporary workaround, consider restricting access to the REST API until a patch is available.