First published: Sat Feb 10 2024(Updated: )
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the editor_html() function in all versions up to, and including, 6.1.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to view password protected and draft posts.
Credit: security@wordfence.com
Affected Software | Affected Version | How to fix |
---|---|---|
Awesome Support | <6.1.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.