CVE-2024-0212 – Cloudflare WordPress plugin enables information disclosure of Cloudflare API (for low privileged users)

https://notcve.org/view.php?id=CVE-2024-0212

04 Jan 2024 — The Cloudflare Wordpress plugin was found to be vulnerable to improper authentication. The vulnerability enables attackers with a lower privileged account to access data from the Cloudflare API. Se descubrió que el complemento Cloudflare Wordpress era vulnerable a una autenticación incorrecta. La vulnerabilidad permite a los atacantes con una cuenta con menos privilegios acceder a datos de la API de Cloudflare. The Cloudflare plugin for WordPress is vulnerable to unauthorized access of data due to a missing... • https://github.com/cloudflare/Cloudflare-WordPress/releases/tag/v4.12.3 • CWE-284: Improper Access Control CWE-862: Missing Authorization •