{"vulnerability": "CVE-2020-36730", "sightings": [{"uuid": "1ea302d5-a451-47e7-960d-0e4f8d043466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36730", "type": "seen", "source": "https://t.me/cibsecurity/65024", "content": "\u203c CVE-2020-36730 \u203c\n\nThe CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmp_get_post_detail(), niteo_export_csv(), and cmp_disable_comingsoon_ajax() functions in versions up to, and including, 3.8.1. This makes it possible for unauthenticated attackers to read posts, export subscriber lists, and/or deactivate the plugin.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-07T07:29:48.000000Z"}]}