The Image Source Control WordPress plugin before 2.3.1 allows users with a role as low as Contributor to change arbitrary post meta fields of arbitrary posts (even those they should not be able to edit)
4.3CVSS
4.6AI Score
0.001EPSS
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Thomas Maier Image Source Control Lite β Show Image Credits and Captions.This issue affects Image Source Control Lite β Show Image Credits and Captions: from n/a through 2.17.0.
7.5CVSS
7.6AI Score
0.001EPSS