The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress used an incorrect authorization check in the REST API endpoints registered under the โredux/v1/templates/โ REST Route in โredux-templates/classes/class-api.phpโ. The permissions_callback used in this file only checke...
7.1CVSS
5.7AI Score
0.001EPSS
The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the includes function in redux-core/class-redux-core.php that were unique to a given site but deterministic and predictable given that they were b...
5.3CVSS
5.3AI Score
0.002EPSS