CVE-2021-24781

Summary

The Image Source Control WordPress plugin before 2.3.1 allows users with a role as low as Contributor to change arbitrary post meta fields of arbitrary posts (even those they should not be able to edit)

Affected Software

VendorProductVersion RangeStatus
UnknownImage Source Control2.3.1 < 2.3.1affected

Weaknesses

  • CWE-284: CWE-284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References