CVE-2021-24881

The Passster WordPress plugin before 3.5.5.9 does not properly check for password, as well as that the post to be viewed is public, allowing unauthenticated users to bypass the protection offered by the plugin, and access arbitrary posts (such as private) content, by sending a specifically crafted request.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:passster_project:passter:*:*:*:*:*:wordpress:*:*

Information

Published : 2023-01-23 07:15

Updated : 2023-01-30 11:25


NVD link : CVE-2021-24881

Mitre link : CVE-2021-24881


JSON object : View

CWE
CWE-287

Improper Authentication

Advertisement

dedicated server usa

Products Affected

passster_project

  • passter