All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated and authenticated users, allowing unauthenticated attackers to modify various data in the plugin, such as add/edit/delete arbitrary tabs.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2022-01-03T12:49:05
Updated: 2024-08-03T19:42:17.210Z
Reserved: 2021-01-14T00:00:00
Link: CVE-2021-24831
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-01-03T13:15:08.263
Modified: 2023-08-31T16:12:36.847
Link: CVE-2021-24831
Redhat
No data.