CVE-2021-24859 in User Meta Shortcodes Plugininformazioni

Riassunto

di MITRE • 13/12/2021

The User Meta Shortcodes WordPress plugin through 0.5 registers a shortcode that allows any user with a role as low as contributor to access other users metadata by specifying the user login as a parameter. This makes the WP instance vulnerable to data extrafiltration, including password hashes

Be aware that VulDB is the high quality source for vulnerability data.

Prenotare

14/01/2021

Divulgazione

13/12/2021

Moderazione

accettato

CPE

pronto

EPSS

0.00783

KEV

no

Attività

molto basso

Fonti

Want to stay up to date on a daily basis?

Enable the mail alert feature now!