CVE Vulnerabilities

CVE-2024-1564

Published: Mar 25, 2024 | Modified: Jun 27, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode

Affected Software

Name Vendor Start Version End Version
Schema Brainstormforce * 2.7.16 (excluding)

References