Headline
CVE-2023-0557: Diff [2844028:2851006] for contentstudio/trunk – WordPress Plugin Repository
The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts.
1 <svg id="logo_icon" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 255.002 255.001"> 2 <defs> 3 <style> 4 .cls-1 { 5 fill: #0093f6; 6 } 7 </style> 8 </defs> 9 <g id="Group_539" data-name="Group 539" transform="translate(0 0)“> 10 <path id="Path_469” data-name="Path 469" class="cls-1" d="M76.942,27.5A30.537,30.537,0,0,0,46.494,57.948V252.053A30.537,30.537,0,0,0,76.942,282.5H271.048A30.537,30.537,0,0,0,301.5,252.053V57.948A30.537,30.537,0,0,0,271.048,27.5ZM174,245.583A90.582,90.582,0,1,1,264.578,155,90.582,90.582,0,0,1,174,245.583Z" transform="translate(-46.494 -27.5)“/> 11 </g> 12 <g id="Group_543” data-name="Group 543" transform="translate(62.109 80.88)“> 13 <g id="Group_540” data-name="Group 540" transform="translate(79.876 26.322)“> 14 <path id="Path_470” data-name="Path 470" class="cls-1" d="M259.069,225.649c-6.094,8.51-15.885,12.031-21.758,7.824s-5.693-14.61.4-23.12l23.215-32.419c6.094-8.509,15.886-12.03,21.759-7.824s5.693,14.61-.4,23.12Z" transform="translate(-233.021 -168.334)“/> 15 </g> 16 <g id="Group_541” data-name="Group 541" transform="translate(40.187 12.559)“> 17 <path id="Path_471” data-name="Path 471" class="cls-1" d="M206.93,207.569c-6.094,8.51-15.885,12.031-21.759,7.825s-5.693-14.61.4-23.12l23.217-32.419c6.093-8.509,15.886-12.031,21.76-7.825s5.694,14.609-.4,23.118Z" transform="translate(-180.881 -150.253)“/> 18 </g> 19 <g id="Group_542” data-name="Group 542"> 20 <path id="Path_472" data-name="Path 472" class="cls-1" d="M154.135,191.071c-6.093,8.51-15.885,12.031-21.758,7.823s-5.693-14.611.4-23.121l23.214-32.418c6.093-8.509,15.885-12.03,21.76-7.824s5.694,14.61-.4,23.12Z" transform="translate(-128.087 -133.754)“/> 21 </g> 22 </g> 1<svg width="255” height="255" viewBox="0 0 255 255" fill="none" xmlns="http://www.w3.org/2000/svg"> 2<rect x="255" y="255" width="255" height="255" rx="15" transform="rotate(-180 255 255)" fill="#0068E5"/> 3<path d="M36.8335 125.566C36.8335 75.3684 77.5268 34.6752 127.724 34.6752V34.6752C177.922 34.6752 218.615 75.3684 218.615 125.566V129.434C218.615 179.631 177.922 220.325 127.724 220.325V220.325C77.5268 220.325 36.8335 179.631 36.8335 129.434V125.566Z" fill="white"/> 4<path d="M144.85 163.146C140.113 159.883 138.962 153.46 142.279 148.8L168.7 111.676C172.017 107.016 178.545 105.884 183.281 109.147C188.018 112.41 189.169 118.832 185.852 123.492L159.431 160.616C156.114 165.276 149.586 166.409 144.85 163.146Z" fill="#0068E5"/> 5<path d="M110.223 154.281C105.487 151.018 104.336 144.596 107.652 139.936L134.074 102.812C137.391 98.1517 143.919 97.0192 148.655 100.282C153.391 103.545 154.542 109.967 151.226 114.627L124.804 151.752C121.488 156.411 114.96 157.544 110.223 154.281Z" fill="#0068E5"/> 6<path d="M75.5971 145.415C70.8607 142.152 69.7096 135.73 73.0261 131.07L99.4478 93.9458C102.764 89.286 109.292 88.1535 114.029 91.4164C118.765 94.6792 119.916 101.102 116.6 105.762L90.178 142.886C86.8615 147.546 80.3334 148.678 75.5971 145.415Z" fill="#0068E5"/>