CVE-2024-0836 in Review & Structure Data Schema Plugininfo

Zusammenfassung

von MITRE • 31.01.2024

The WordPress Review & Structure Data Schema Plugin – Review Schema plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the rtrs_review_edit() function in all versions up to, and including, 2.1.14. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify arbitrary reviews.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Zuständig

Wordfence

Reservieren

23.01.2024

Veröffentlichung

31.01.2024

Moderieren

akzeptiert

Eintrag

VDB-252452

CPE

bereit

EPSS

0.00428

KEV

nein

Aktivitäten

very low

Quellen

Do you know our Splunk app?

Download it now for free!