{"vulnerability": "CVE-2020-1370", "sightings": [{"uuid": "3c87a3b9-22c8-4af1-bcd9-90b196a2fb46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13700", "type": "seen", "source": "https://t.me/arpsyndicate/2162", "content": "#ExploitObserverAlert\n\nCVE-2020-13700\n\nDESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-13700. An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass values.\n\nFIRST-EPSS: 0.018310000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-24T08:34:09.000000Z"}]}