CVE-2024-1526 – Hubbub Lite < 1.33.1 - Unauthenticated Password Protected Posts Access

https://notcve.org/view.php?id=CVE-2024-1526

The Hubbub Lite WordPress plugin before 1.33.1 does not ensure that user have access to password protected post before displaying its content in a meta tag. El complemento Hubbub Lite de WordPress anterior a 1.33.1 no garantiza que el usuario tenga acceso a una publicación protegida con contraseña antes de mostrar su contenido en una metaetiqueta. The Hubbub Lite – Fast, Reliable Social Sharing Buttons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.33.0 via opengraph tags. This makes it possible for unauthenticated attackers to view short excerpts of password protected posts. • https://wpscan.com/vulnerability/1664697e-0ea3-4d09-b2fd-153a104ec255 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •