Vulnerability CVE-2024-0421
Published: 2024-02-12

Description:
The MapPress Maps for WordPress plugin before 2.88.16 does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts.

 References:
https://wpscan.com/vulnerability/587acc47-1966-4baf-a380-6aa479a97c82/
Copyright 2026, cxsecurity.com

 

Back to Top