cvedb.io
CVE-2023-1371
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2023-04-17T13:15:38.290 · Last modified 2026-06-17T05:27:47.987

Summary

The W4 Post List WordPress plugin before 2.4.6 does not ensure that password protected posts can be accessed before displaying their content, which could allow any authenticated users to access them

Affected products

w4_post_list_project — w4_post_list

Does this affect you?

Add your gear to cvedb and we'll alert you only when w4_post_list_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.