CVE-2021-24842

Published: 2021-11-29T09:15Z

Last Modified: 2024-11-21T05:53Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which allows users with Contributor roles to 1) list private post titles of other users and 2) change the posted date of other users' posts. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt