Unauthenticated Sensitive Information Disclosure on █████████ CVE-2021-38314
Medium
Mars
Team Summary
Official summary from Mars
Report #1452774 was a validated security vulnerability that affected ██████████. The researcher identified an unauthenticated sensitive information disclosure issue (CVE-2021-38314) in the Gutenberg Template Library & Redux Framework plugin version 4.2.11 and below.
Vulnerability Details: The plugin registered several AJAX actions that were accessible to unauthenticated users. These actions used predictable endpoints based on MD5 hashes of the site URL with known salt values ('-redux' and '-support'). This allowed attackers to retrieve sensitive system information without authentication.
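A log check for requests that hit the predictable action names described in the summary, as an added example that is not part of the original report or the plugin's code. It assumes the action name is the MD5 of the site URL (with a trailing slash) followed by the salt, that the action arrives in the query string of `admin-ajax.php`, and that logs are in combined format; `candidate_actions`, `scan`, `sample_log` and the log lines are constructed for illustration.

```python
import hashlib
import re
from urllib.parse import parse_qs, urlsplit

SALTS = ("-redux", "-support")  # salt values named in the report summary
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')
HEX32 = re.compile(r"^[0-9a-f]{32}$")

def candidate_actions(site_url):
    """Map candidate action name -> salt for our own site.
    Assumption: name = md5(site URL with trailing slash + salt)."""
    base = site_url.rstrip("/") + "/"
    return {hashlib.md5((base + s).encode()).hexdigest(): s for s in SALTS}

def scan(lines, site_url):
    """Return (client_ip, status, reason) per suspicious admin-ajax.php GET line."""
    known = candidate_actions(site_url)
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, _method, target, status = m.groups()
        parts = urlsplit(target)
        if not parts.path.endswith("/wp-admin/admin-ajax.php"):
            continue
        for action in parse_qs(parts.query).get("action", []):
            action = action.lower()
            if action in known:
                hits.append((ip, status, "matches md5(site_url + %r)" % known[action]))
            elif HEX32.match(action):
                hits.append((ip, status, "32-hex action name, review"))
    return hits

def sample_log(site_url):
    """Constructed access-log lines (combined format) for the demo."""
    redux = next(h for h, s in candidate_actions(site_url).items() if s == "-redux")
    pre = '[01/Jan/2022:10:00:00 +0000] "GET /wp-admin/admin-ajax.php?action='
    return [
        '203.0.113.7 - - ' + pre + 'heartbeat HTTP/1.1" 200 58',
        '203.0.113.9 - - ' + pre + redux + ' HTTP/1.1" 200 4096',
        '203.0.113.9 - - ' + pre + "ab" * 16 + ' HTTP/1.1" 400 1',
        '203.0.113.5 - - [01/Jan/2022:10:00:09 +0000] "GET /index.php HTTP/1.1" 200 512',
    ]

if __name__ == "__main__":
    site = "https://example.test"  # placeholder for the operator's own site URL
    for hit in scan(sample_log(site), site):
        print(hit)
```

A match with status 200 and a large response body is the case to triage first; actions sent in a POST body do not appear in access logs and need WAF or application-level logging.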
Reported by
kuriyama
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Submitted
Weakness: Information Disclosure