WordPress Plugin Vulnerabilities
PostX – Gutenberg Blocks for Post Grid < 3.2.4 - Incorrect Authorization
Description
The PostX – Gutenberg Blocks for Post Grid plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several REST API endpoints in versions up to, and including, 3.2.3. This makes it possible for authenticated attackers, with author-level access and above, to perform several unauthorized actions.
Affects Plugins
References
Classification
Miscellaneous
Timeline
Publicly Published
2024-04-05 (about 3 months ago)
Added
2024-04-11 (about 2 months ago)
Last Updated
2024-04-11 (about 2 months ago)