Blocksy Companion, CVE-2023-1911

CVE, Research URL: CVE-2023-1911
Home page URL: Security reports for Blocksy Companion
Application: Blocksy Companion
Published on: May 02, 2023
Research Description: The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example
Affected versions: max 1.8.82.
Status: vulnerable