RSS   Vulnerabilities for 'Countdown block'   RSS

2021-09-27
 
CVE-2021-24633

CWE-862
 

 
The Countdown Block WordPress plugin before 1.1.2 does not have authorisation in the eb_write_block_css AJAX action, which allows any authenticated user, such as Subscriber, to modify post contents displayed to users.

 

 >>> Vendor: Wpdeveloper 7 Products
Twitter cards meta
Simple 301 redirects
Essential addons for elementor
Countdown block
Betterlinks
Notificationx
Embedpress


Copyright 2024, cxsecurity.com

 

Back to Top