CVE-2021-24238 – The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, did not ensure that t …

22 April 2021

Vuln ID: CVE-2021-24238

Published: 2021-04-22 21:15:09Z

Description: The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, did not ensure that the requested property to be deleted belong to the user making the request, allowing any authenticated users to delete arbitrary properties by tampering with the property_id parameter.

Source: NVD.NIST.GOV

Date:

22 April 2021

Categorie(s):

NVD

Tag(s):

NVD

Management company settles for $18.4M after nuclear weapons plant staff fudged their timesheets24 April 2024
Securing millions of developers through 2FA24 April 2024
South Korean defense firms subjected to North Korean APT attacks24 April 2024
Multiple MySQL2 Flaw Let Attackers Arbitrary Code Remotely24 April 2024
Phishing Attacks Rise By 58% As The Attackers Leverage AI Tools24 April 2024