← back
CVE-2021-24733

WP Post Page Clone < 1.2 - Unauthorised Post Access

EPSS 0.8%CWE-863
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 Jan 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally.
Affected products
Unknown · WP Post Page Clone

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://wpscan.com/vulnerability/a7fa5896-5a1d-44c6-985c-e4abcc53da0e