WordPress Plugin Vulnerabilities
Broadstreet < 1.53.2 - Authenticated (Subscriber+) Private Post Meta Disclosure via get_sponsored_meta
Description
The Broadstreet plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.52.2 via the get_sponsored_meta AJAX action due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to disclose any private post metadata.
Affects Plugins
References
Classification
Type
IDOR
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Tarcísio Luchesi De Almeida Silva (Poystick)
Verified
No
WPVDB ID
Timeline
Publicly Published
2026-05-20 (about 1 month ago)
Added
2026-05-20 (about 1 month ago)
Last Updated
2026-05-21 (about 1 month ago)