Brainstormforce: >> Schema >> 1.1.12 Security Vulnerabilities
The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode
CVSS Score
4.3
EPSS Score
0.003
Published
2024-03-25
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC Schema Pro allows Cross Site Request Forgery.This issue affects Schema Pro: from n/a through 2.7.7.
CVSS Score
7.1
EPSS Score
0.002
Published
2023-11-30