CVE-2024-3679

Published: Aug 29, 2024Modified: Apr 8, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The Premium SEO Pack – WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.002. This makes it possible for unauthenticated attackers to view limited information from password protected posts through the social meta data.

Affected (1)

Products: Squirrly: Wp Seo Plugin

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Squirrly Wp Seo Plugin	Up to 1.6.001

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://wordpress.org/plugins/premium-seo-pack/

Source: security@wordfence.com

Product

https://www.wordfence.com/threat-intel/vulnerabilities/id/ccb65de5-bfb5-47db-87c9-ad46e65924b8?source=cve

Source: security@wordfence.com

Third Party Advisory

Timeline

No history available yet.