Vulnerability Description
The BoldGrid Easy SEO – Simple and Effective SEO plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.14 via meta information (og:description) This makes it possible for unauthenticated attackers to view the first 130 characters of a password protected post which can contain sensitive information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Boldgrid | Easy Seo | < 1.6.15 |
Related Weaknesses (CWE)
References
- https://plugins.trac.wordpress.org/browser/boldgrid-easy-seo/tags/1.6.15/includeProduct
- https://www.wordfence.com/threat-intel/vulnerabilities/id/d502e617-a59f-4385-b05Third Party Advisory
- https://plugins.trac.wordpress.org/browser/boldgrid-easy-seo/tags/1.6.15/includeProduct
- https://www.wordfence.com/threat-intel/vulnerabilities/id/d502e617-a59f-4385-b05Third Party Advisory
FAQ
What is CVE-2024-2950?
CVE-2024-2950 is a vulnerability with a CVSS score of 5.3 (MEDIUM). The BoldGrid Easy SEO – Simple and Effective SEO plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.14 via meta information (og:description) This make...
How severe is CVE-2024-2950?
CVE-2024-2950 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-2950?
Check the references section above for vendor advisories and patch information. Affected products include: Boldgrid Easy Seo.