Description The Astra Bulk Edit plugin for WordPress is vulnerable to unauthorized missing authorization due to a missing capability check on the save_post_bulk_edit function in versions up to, and including, 1.2.7. This makes it possible for attackers with contributor-level access or higher to bulk edit posts.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 1.2.8 |