{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T03:43:57.125","vulnerabilities":[{"cve":{"id":"CVE-2024-2107","sourceIdentifier":"security@wordfence.com","published":"2024-03-12T22:15:07.470","lastModified":"2026-04-08T18:20:58.400","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Blossom Spa theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.3 via generated source. This makes it possible for unauthenticated attackers to extract sensitive data including contents of password-protected or scheduled posts."},{"lang":"es","value":"El tema Blossom Spa para WordPress es vulnerable a la exposición de información confidencial en todas las versiones hasta la 1.3.4 incluida a través de la fuente generada. Esto hace posible que atacantes no autenticados extraigan datos confidenciales, incluido el contenido de publicaciones programadas o protegidas con contraseña."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@wordfence.com","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:blossomthemes:blossom_spa:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"1.3.4","matchCriteriaId":"28D237D5-91CF-47C8-B3E6-AC68DD39A05F"}]}]}],"references":[{"url":"https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=220138%40blossom-spa&new=220138%40blossom-spa&sfp_email=&sfph_mail=","source":"security@wordfence.com","tags":["Product"]},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5e54dbf9-a5d1-413d-96ac-93dd499c21a4?source=cve","source":"security@wordfence.com","tags":["Third Party Advisory"]},{"url":"https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=220138%40blossom-spa&new=220138%40blossom-spa&sfp_email=&sfph_mail=","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5e54dbf9-a5d1-413d-96ac-93dd499c21a4?source=cve","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}