CVE-2021-24781
Summary
The Image Source Control WordPress plugin before 2.3.1 allows users with a role as low as Contributor to change arbitrary post meta fields of arbitrary posts (even those they should not be able to edit)
- LOW
- NETWORK
- LOW
- UNCHANGED
- NONE
- LOW
- NONE
- NONE
References
Advisory Timeline
- Published