The Advanced Cron Manager WordPress plugin before 2.4.2 and Advanced Cron Manager Pro WordPress plugin before 2.5.3 do not have authorisation checks in some of their AJAX actions, allowing any authenticated users, such as subscriber to call them and add or remove events as well as schedules for example
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2022-02-07T15:47:18

Updated: 2024-08-03T19:56:09.878Z

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-25084

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-02-07T16:15:44.627

Modified: 2024-11-21T05:54:19.203

Link: CVE-2021-25084

cve-icon Redhat

No data.