← voltar
CVE-2021-24244

WPBakery Page Builder Clipboard < 4.5.8 - Unauthorised Arbitrary License Options Update

EPSS 0.9%CWE-863
An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to update the license options (key, email).
Produtos afetados
bitorbit · WPBakery Page Builder (Visual Composer) Clipboard

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://codecanyon.net/item/visual-composer-clipboard/8897711https://wpscan.com/vulnerability/354b98d8-46a1-4189-b347-198701ea59b9