cvedb.io
CVE-2023-1426
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2023-04-10T14:15:09.517 · Last modified 2026-06-17T05:27:56.030

Summary

The WP Tiles WordPress plugin through 1.1.2 does not ensure that posts to be displayed are not draft/private, allowing any authenticated users, such as subscriber to retrieve the titles of draft and privates posts for example. AN attacker could also retrieve the title of any other type of post.

Affected products

keetrax — wp_tiles

Does this affect you?

Add your gear to cvedb and we'll alert you only when keetrax ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.