CVE-2024-1984

MEDIUM

Graphene Theme <2.9.2 - Info Disclosure

Title source: llm
STIX 2.1

Description

The Graphene theme for WordPress is vulnerable to unauthorized access of data via meta tag in all versions up to, and including, 2.9.2. This makes it possible for unauthenticated individuals to obtain post contents of password protected posts via the generated source.

Scores

CVSS v3 5.3
EPSS 0.0052
EPSS Percentile 40.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (1)
silverks/Graphene < 2.9.2
Published Apr 09, 2024
Tracked Since Feb 18, 2026