CVE

CVE-2021-24842

admin

CVE-2021-24842

The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which allows users with Contributor roles to 1) list private post titles of other users and 2) change the posted date of other users’ posts.

Source: CVE-2021-24842

Exit mobile version