CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24872

The Get Custom Field Values WordPress plugin before 4.0 allows users with a role as low as Contributor to access other posts metadata without validating the permissions. Eg. contributors can access admin posts metadata.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.8%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

Products affected by CVE-2021-24872

Get Custom Field Values Project » Get Custom Field Values » Version: N/A

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:-
Get Custom Field Values Project » Get Custom Field Values » Version: 3.5

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:3.5
Get Custom Field Values Project » Get Custom Field Values » Version: 3.6

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:3.6
Get Custom Field Values Project » Get Custom Field Values » Version: 3.6.1

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:3.6.1
Get Custom Field Values Project » Get Custom Field Values » Version: 3.7

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:3.7
Get Custom Field Values Project » Get Custom Field Values » Version: 3.8

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:3.8
Get Custom Field Values Project » Get Custom Field Values » Version: 3.9

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:3.9
Get Custom Field Values Project » Get Custom Field Values » Version: 3.9.1

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:3.9.1
Get Custom Field Values Project » Get Custom Field Values » Version: 3.9.2

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:3.9.2
Get Custom Field Values Project » Get Custom Field Values » Version: 3.9.3

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:3.9.3
Get Custom Field Values Project » Get Custom Field Values » Version: 3.9.4

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:3.9.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24872

Products

Pricing

Contact Us