Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2021-24872
HistoryDec 13, 2021 - 11:15 a.m.

CVE-2021-24872

2021-12-1311:15:09
Google
osv.dev
5
wordpress
plugin vulnerability
unauthorized access

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

32.8%

JSON

The Get Custom Field Values WordPress plugin before 4.0 allows users with a role as low as Contributor to access other posts metadata without validating the permissions. Eg. contributors can access admin posts metadata.

Related

cvelist 1
cnvd 1
cve 1
prion 1
patchstack 1
wpvulndb 1
nvd 1
wpexploit 1
cvelist
cvelist
CVE-2021-24872 Get Custom Field Values < 4.0 - Contributors+ Arbitrary Post Metadata Access
2021-12-13 10:41:16
cnvd
cnvd
WordPress Get Custom Field Values plugin access control error vulnerability
2021-12-18 00:00:00
cve
cve
CVE-2021-24872
2021-12-13 11:15:09
prion
prion
Design/Logic Flaw
2021-12-13 11:15:00
patchstack
patchstack
WordPress Get Custom Field Values plugin <= 3.9.4 - Arbitrary Post Metadata Access vulnerability
2021-11-09 00:00:00
wpvulndb
wpvulndb
Get Custom Field Values < 4.0 - Contributors+ Arbitrary Post Metadata Access
2021-11-09 00:00:00
nvd
nvd
CVE-2021-24872
2021-12-13 11:15:09
wpexploit
wpexploit
Get Custom Field Values < 4.0 - Contributors+ Arbitrary Post Metadata Access
2021-11-09 00:00:00

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

32.8%

JSON
Related for OSV:CVE-2021-24872
cvelist1cnvd1cve1prion1patchstack1wpvulndb1nvd1wpexploit1