CVE-2021-24842

The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which allows users with Contributor roles to 1 list private post titles of other users and 2 change the posted date of other users' posts...

WordPress plugin Bulk Datetime Change 安全漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. An authorization issue vulnerability exists in the WordPress Bulk Datetime Change plugin, which stems from a...