CVE-2023-7072

The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.68 via the 'get_posts' REST API Endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including full draft posts and password protected posts, as well as the password for password-protected posts.


We have discovered 1 live website that is affected by CVE-2023-7072.

Affected Software

Product                    Post Grid
Category                   WordPress Plugins
Vulnerable Domains         1 live website (0.96% of Post Grid install base)
Vulnerable Versions
  • from 0 through 2.2.68
Vulnerable Versions Count  1 version (2.00% of all versions)



Details

  • Published - Mar 12, 2024
  • Updated - Aug 28, 2024

Credits

  • Hung -mov Nguyen (finder)

CVE-2023-7072 usage by Country

United States  1 website

CVE-2023-7072 usage by TLD

.com  1 website

Websites affected by CVE-2023-7072

Top websites that are affected by CVE-2023-7072.
Domain      Country        Rank        Contacts
******.com  United States  **,***,***

FAQ

A total of 1 website has been identified as vulnerable to CVE-2023-7072, discovered through global website indexing conducted by WebTechSurvey.
Post Grid is susceptible to the CVE-2023-7072 vulnerability.
Post Grid versions before, and including, 2.2.68 are vulnerable to CVE-2023-7072.