WordPress Bulk Datetime Change plugin licensing issue vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. An authorization issue vulnerability exists in the WordPress Bulk Datetime Change plugin, which stems from a...

CVE-2021-24842

The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which allows users with Contributor roles to 1 list private post titles of other users and 2 change the posted date of other users' posts...

CVE-2021-24842

The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which allows users with Contributor roles to 1 list private post titles of other users and 2 change the posted date of other users' posts...

CVE-2021-24842

The CVE-2021-24842 entry concerns the WordPress Bulk Datetime Change plugin (versions before 1.12). The vulnerability arises from missing capability checks, enabling users with Contributor roles to: 1) list private post titles of other users, and 2) change the posted date of other users’ posts. I...

PT-2021-16324 · WordPress · Bulk Datetime Change

Name of the Vulnerable Software and Affected Versions: Bulk Datetime Change WordPress plugin versions prior to 1.12 Description: The issue allows users with Contributor roles to list private post titles of other users and change the posted date of other users' posts due to a lack of capability...

WordPress plugin Bulk Datetime Change 安全漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. An authorization issue vulnerability exists in the WordPress Bulk Datetime Change plugin, which stems from a...

Bulk Datetime Change < 1.12 - Missing Authorisation

The plugin does not enforce capability checks which allows users with Contributor roles to 1 list private post titles of other users and 2 change the posted date of other users' posts. Run on "Bulk Datetime Change" page: jQuery.post"https://example.com/wp-admin/admin.php?page=bulkdatetimechange",...

WordPress Bulk Datetime Change plugin <= 1.11 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by apple502j in WordPress Bulk Datetime Change plugin versions = 1.11. Solution Update the WordPress Bulk Datetime Change plugin to the latest available version at least 1.12...