3 matches found
CVE-2024-1564 Schema Pro < 2.7.16 - Contributor+ Custom Field Access
The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode...
CVE-2024-1564 Schema Pro < 2.7.16 - Contributor+ Custom Field Access
The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode...
WordPress Schema Pro Plugin < 2.7.16 is vulnerable to Broken Access Control
Software Schema Pro Type Plugin Vulnerable versions 2.7.16 Fixed in 2.7.16 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-1564 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 68dac5194d9b Credits Scott Kingsley Clark Required...