[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdBBp1pRbtIgloSIxYczBJcHVoTYrUVPkTmVbTBknQ8A":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2024-35710","podlove-web-player-missing-authorization-to-unauthenticated-information-exposure","Podlove Web Player \u003C= 5.7.3 - Missing Authorization to Unauthenticated Information Exposure","The Podlove Web Player plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u002Fshortcode REST API endpoint in all versions up to, and including, 5.7.3. This makes it possible for unauthenticated attackers to view information they should not have access to.","podlove-web-player",null,"\u003C=5.7.3","5.7.4","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Missing Authorization","2024-06-06 00:00:00","2024-06-13 14:54:24",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0e2cf779-2355-461f-a289-11612e15acc6?source=api-prod",8]