Ver todas as ameaças

CVE-2021-24501

Alvo: Não informado

Descrição

The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site.

Software
Não informado
Tipo Software
Tema
CVE
CVE-2021-24501
Tags
Nâo informado
Data de publicação
09/08/2021
Última atualização
01/12/2024
Pontuação em CVSS 3.0
8.1
Alto
Rolar para cima