CVE-2021-24800
N/A
N/A
Summary
The DW Question & Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | DW Question Answer Pro | 1.3.4 <= 1.3.4 | affected |
Weaknesses
- CWE-639: CWE-639 Authorization Bypass Through User-Controlled Key
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.