CVE-2024-1587 – Newsmatic <= 1.3.4 - Unauthenticated Information Exposure via newsmatic_filter_posts_load_tab_content

https://notcve.org/view.php?id=CVE-2024-1587

25 Mar 2024 — The Newsmatic theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via the 'newsmatic_filter_posts_load_tab_content'. This makes it possible for unauthenticated attackers to view draft posts and post content. El tema Newsmatic para WordPress es vulnerable a la exposición de información confidencial en todas las versiones hasta la 1.3.0 incluida a través de 'newsmatic_filter_posts_load_tab_content'. Esto hace posible que atacantes no autenticados vea... • https://themes.trac.wordpress.org/browser/newsmatic/1.3.0/inc/template-functions.php#L634 • CWE-862: Missing Authorization •