Description
blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 continues to provide a blog RSS feed after blogging is disabled, which allows remote attackers to obtain sensitive information by reading this feed.
Remediation
References
Related Vulnerabilities
Jetty Weak Authentication Vulnerability (CVE-2023-41900)
WordPress Plugin Woocommerce CSV importer Unspecified Vulnerability (3.4.0)
WordPress Plugin SP Project & Document Manager SQL Injection (2.5.3)
OpenSSL Possible denial of service attack Vulnerability (CVE-2020-1971)
WordPress Plugin WP-Predict 'predictId' Parameter Blind SQL Injection (1.0)