{"uuid": "0069fc9f-3de8-4076-89d6-667e16563649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13796", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5837", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13796\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: The Post Grid and Gutenberg Blocks \u2013 ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.6 via the /wp-json/post-grid/v2/get_users REST API This makes it possible for unauthenticated attackers to extract sensitive data including including emails and other user data.\n\ud83d\udccf Published: 2025-02-28T04:21:55.558Z\n\ud83d\udccf Modified: 2025-02-28T04:21:55.558Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/0407223a-cd41-43d1-87b0-d6b83b57d4b3?source=cve\n2. https://plugins.trac.wordpress.org/browser/post-grid/trunk/includes/blocks/functions-rest.php?rev=3242718#L2055\n3. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3245187%40post-grid&new=3245187%40post-grid&sfp_email=&sfph_mail=", "creation_timestamp": "2025-02-28T05:26:34.000000Z"}