Security Advisory

CVE-2024-1564

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-03-25 05:00:01

Last updated 2024-08-09 20:21:19

Assigner WPScan

State PUBLISHED

Description

The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode

← Browse all CVEs View on cve.org ↗