CVE-2024-2950

Name of the Vulnerable Software and Affected Versions The BoldGrid Easy SEO plugin for WordPress versions up to, and including, 1.6.14

Description The issue allows unauthenticated attackers to view the first 130 characters of a password-protected post, which can contain sensitive information, via meta information (og:description).

Recommendations For versions up to, and including, 1.6.14, update to a version later than 1.6.14 to resolve the issue. As a temporary workaround, consider restricting access to meta information to minimize the risk of exploitation.