The Schema App Structured Data plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the MarkupUpdate function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber access or higher, to update or delete post metadata.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-05-24T06:42:15.486Z

Updated: 2024-08-01T18:18:18.975Z

Reserved: 2024-01-25T14:27:07.981Z

Link: CVE-2024-0893

cve-icon Vulnrichment

Updated: 2024-08-01T18:18:18.975Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-24T07:15:09.387

Modified: 2024-11-21T08:47:38.243

Link: CVE-2024-0893

cve-icon Redhat

No data.