cleantalk
Vulnerabilities and Security Researches

Content No Cache: prevent specific content from being cached, CVE-2024-12103

CVE, Research URL

CVE-2024-12103

Home page URL

Security reports for Content No Cache: prevent specific content from being cached

Application

Content No Cache: prevent specific content from being cached

Published on
Dec 24, 2024
Research Description
The Content No Cache: prevent specific content from being cached plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 0.1.2 via the eos_dyn_get_content action due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft posts that they should not have access to.
Affected versions
Min -, max 0.1.3.
Status
vulnerable
Previous vulnerability researches
Content No Cache: prevent specific content from being cached (CVE-2025-28993) , Jul 02, 2025
Content No Cache: prevent specific content from being cached (CVE-2024-12103) , Dec 25, 2024
New vulnerability
Off-Canvas Sidebars & Menus (Slidebars) (CVE-2025-49290) , Jul 03, 2025
Accept Stripe Payments Using Contact Form 7 (CVE-2025-53309) , Jul 03, 2025
Opal Estate Pro – Property Management and Submission (CVE-2025-6934) , Jul 03, 2025
TM Replace Howdy (CVE-2025-49972) , Jul 03, 2025
VG WORT METIS (CVE-2025-50039) , Jul 03, 2025