CVE-2021-24546
N/A
N/A
Summary
The Gutenberg Block Editor Toolkit – EditorsKit WordPress plugin before 1.31.6 does not sanitise and validate the Conditional Logic of the Custom Visibility settings, allowing users with a role as low contributor to execute Arbitrary PHP code
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | Gutenberg Block Editor Toolkit – EditorsKit | 1.31.6 < 1.31.6 | affected |
Weaknesses
- CWE-94: CWE-94 Improper Control of Generation of Code ('Code Injection')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.