Lucene search
WPScanCVELIST:CVE-2021-24819HistoryDec 13, 2021 - 10:41 a.m.
CVE-2021-24819 Page/Post Content Shortcode <= 1.0 - Contributor+ Arbitrary Posts/Pages Access
2021-12-1310:41:02
CWE-863
WPScan
www.cve.org
2
wordpress
plugin
cve-2021-24819
authorisation issue
posts/pages access
contributor
arbitrary access
The Page/Post Content Shortcode WordPress plugin through 1.0 does not have proper authorisation in place, allowing users with a role as low as contributor to access draft/private/password protected/trashed posts/pages they should not be allowed to, including posts created by other users such as admins and editors.
CNA Affected
[
{
"product": "Page/Post Content Shortcode",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "1.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
wpvulndb
wpvulndb
prion
prion
Default credentials
2021-12-13 11:15:00
patchstack
patchstack
cve
cve
CVE-2021-24819
2021-12-13 11:15:08
wpexploit
wpexploit
nvd
nvd
CVE-2021-24819
2021-12-13 11:15:08