What the vulnerability does
01Description
Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data. This issue affects Templately: from n/a through 3.2.7.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
What the vulnerability does
Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data. This issue affects Templately: from n/a through 3.2.7.
Explanation of Vulnerability in Simple Terms
Templately versions up to 3.2.7 contain a critical vulnerability that allows unauthenticated attackers to read sensitive data, modify site content, and disrupt service without requiring user interaction. The vulnerability affects the core functionality of the plugin and can impact the entire site. Update to version 3.6.6 or later immediately.
What an attacker can do
Read sensitive data, modify or delete site content, and disrupt service without authentication.
Potential impact on your site
Complete compromise of site data, content, and availability without warning or user action needed.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities