CVE Vulnerabilities

CVE-2024-1330

Published: Jun 27, 2024 | Modified: Mar 13, 2025
CVSS 3.x
4.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

The kadence-blocks-pro WordPress plugin before 2.3.8 does not prevent users with at least the contributor role using some of its shortcodes functionalities to leak arbitrary options from the database.

Affected Software

Name Vendor Start Version End Version
Kadence_blocks_pro Kadencewp * 2.3.8 (excluding)

References