Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2021-24207
HistoryApr 05, 2021 - 6:27 p.m.

CVE-2021-24207 WP Page Builder < 1.2.4 - Insecure default configuration Allows Subscribers Editing Access to Posts

2021-04-0518:27:46
CWE-863
WPScan
www.cve.org

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.9%

JSON

By default, the WP Page Builder WordPress plugin before 1.2.4 allows subscriber-level users to edit and make changes to any and all posts pages - user roles must be specifically blocked from editing posts and pages.

CNA Affected

[
  {
    "product": "WP Page Builder",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.2.4",
        "status": "affected",
        "version": "1.2.4",
        "versionType": "custom"
      }
    ]
  }
]

Related

wpexploit 1
wpvulndb 1
patchstack 1
nvd 1
cve 1
prion 1
wpexploit
wpexploit
WP Page Builder < 1.2.4 - Insecure default configuration Allows Subscribers Editing Access to Posts
2021-03-17 00:00:00
wpvulndb
wpvulndb
WP Page Builder < 1.2.4 - Insecure default configuration Allows Subscribers Editing Access to Posts
2021-03-17 00:00:00
patchstack
patchstack
WordPress WP Page Builder plugin <= 1.2.3 - Insecure Default Configuration vulnerability
2021-04-08 00:00:00
nvd
nvd
CVE-2021-24207
2021-04-05 19:15:17
cve
cve
CVE-2021-24207
2021-04-05 19:15:17
prion
prion
Default credentials
2021-04-05 19:15:00

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.9%

JSON
Related for CVELIST:CVE-2021-24207
wpexploit1wpvulndb1patchstack1nvd1cve1prion1