Lucene search
WPScanCVELIST:CVE-2024-1564HistoryMar 25, 2024 - 5:00 a.m.
CVE-2024-1564 Schema Pro < 2.7.16 - Contributor+ Custom Field Access
2024-03-2505:00:01
WPScan
www.cve.org
2
cve-2024-1564
schema pro
contributor access
custom fields
wordpress plugin
The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode
CNA Affected
[
{
"vendor": "Unknown",
"product": "wp-schema-pro",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "2.7.16"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2024-1564
2024-03-25 05:15:50
wpexploit
wpexploit
Schema Pro < 2.7.16 - Contributor+ Custom Field Access
2024-03-04 00:00:00
vulnrichment
vulnrichment
CVE-2024-1564 Schema Pro < 2.7.16 - Contributor+ Custom Field Access
2024-03-25 05:00:01
cve
cve
CVE-2024-1564
2024-03-25 05:15:50
wpvulndb
wpvulndb
Schema Pro < 2.7.16 - Contributor+ Custom Field Access
2024-03-04 00:00:00
wordfence
wordfence