RSS   Vulnerabilities for 'Countdown block'   RSS

2021-09-27
 
CVE-2021-24633

CWE-862
 

 
The Countdown Block WordPress plugin before 1.1.2 does not have authorisation in the eb_write_block_css AJAX action, which allows any authenticated user, such as Subscriber, to modify post contents displayed to users.

 

 >>> Vendor: Wpdeveloper 5 Products
Twitter cards meta
Essential addons for elementor
Simple 301 redirects
Countdown block
Betterlinks


Copyright 2022, cxsecurity.com

 

Back to Top