The vulnerability identified as CVE-2024-31247 in the FG Drupal to WordPress plugin allows sensitive information to be written into log files, classified under CWE-532. This can lead to unintended exposure of confidential data if log files are accessed by unauthorized parties. The affected versions include all releases up to 3.70.3. The CVSS 3.1 base score is 5.3, reflecting a network attack vector with low complexity, no privileges required, no user interaction, and an impact limited to confidentiality loss. No vendor advisory or patch information is currently available, and the plugin is not a cloud service, so remediation depends on vendor updates or user action.

The vulnerability may lead to disclosure of sensitive information through log files, potentially exposing confidential data to unauthorized users who can access these logs. There is no indication of impact on integrity or availability. The medium severity rating and CVSS score of 5.3 reflect a moderate confidentiality impact without requiring privileges or user interaction.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should consider restricting access to log files to trusted personnel only and monitor for any updates from the vendor. No official remediation or temporary fix is currently documented.