CVE-2021-24800

Summary

The DW Question & Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments.

Affected Software

VendorProductVersion RangeStatus
UnknownDW Question Answer Pro1.3.4 <= 1.3.4affected

Weaknesses

  • CWE-639: CWE-639 Authorization Bypass Through User-Controlled Key

ADP Enrichment

CVE Program Container

Additional References

References