CVE-2024-34383 – WordPress SEOPress plugin <= 7.7.1 - Sensitive Data Exposure vulnerability

https://notcve.org/view.php?id=CVE-2024-34383

Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress SEOPress.This issue affects SEOPress: from n/a through 7.7.1. Vulnerabilidad de omisión de autorización a través de clave controlada por el usuario en The SEO Guys en SEOPress SEOPress. Este problema afecta a SEOPress: desde n/a hasta 7.6.1. The SEOPress – On-site SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.6.1. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/wp-seopress/wordpress-seopress-plugin-7-6-1-sensitive-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-639: Authorization Bypass Through User-Controlled Key •