[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fugFrB_TaDJwNd_YCwhhlmcuEhGwdaBqhRPD2HEZb_zo":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2024-6477","userswp-front-end-login-form-user-registration-user-profile-members-directory-plugin-for-wp-unauthenticated-information-","UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP \u003C= 1.2.11 - Unauthenticated Information Disclosure via Unprotected Directories","The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.11due to insufficient protections on the '\u002Fuploads\u002Fcache\u002F' directory. This makes it possible for unauthenticated attackers to extract sensitive data from user exports.","userswp",null,"\u003C=1.2.11","1.2.12","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2024-07-13 00:00:00","2024-08-09 20:58:06",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd95295ed-4878-414d-be6b-bfb3e9076cca?source=api-prod",28]