PT-2024-17947 · Unknown · Kadence-Blocks-Pro

Scott Kingsley Clark

Published

2024-06-27

Updated

2024-06-28

CVE-2024-1330

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions kadence-blocks-pro versions prior to 2.3.8

Description The issue allows users with at least the contributor role to leak arbitrary options from the database using certain shortcode functionalities.

Recommendations For versions prior to 2.3.8, update to version 2.3.8 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2024-1330

Affected Products

Kadence-Blocks-Pro

PT-2024-17947 · Unknown · Kadence-Blocks-Pro

CVE-2024-1330

Related Identifiers

Affected Products

References · 4