{"containers":{"cna":{"affected":[{"product":"PostX – Gutenberg Blocks for Post Grid","vendor":"Unknown","versions":[{"lessThan":"2.4.10","status":"affected","version":"2.4.10","versionType":"custom"}]}],"credits":[{"lang":"en","value":"apple502j"}],"descriptions":[{"lang":"en","value":"The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10 performs incorrect checks before allowing any logged in user to perform some ajax based requests, allowing any user to modify, delete or add ultp_options values."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-863","description":"CWE-863 Incorrect Authorization","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-09-27T15:25:30.000Z","orgId":"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81","shortName":"WPScan"},"references":[{"tags":["x_refsource_MISC"],"url":"https://wpscan.com/vulnerability/5375bd3e-a30d-4f24-9b17-470b28a8231c"}],"source":{"discovery":"EXTERNAL"},"title":"PostX Gutenberg Blocks for Post Grid < 2.4.10 - Missing Access Controls","x_generator":"WPScan CVE Generator","x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"contact@wpscan.com","ID":"CVE-2021-24652","STATE":"PUBLIC","TITLE":"PostX Gutenberg Blocks for Post Grid < 2.4.10 - Missing Access Controls"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"PostX – Gutenberg Blocks for Post Grid","version":{"version_data":[{"version_affected":"<","version_name":"2.4.10","version_value":"2.4.10"}]}}]},"vendor_name":"Unknown"}]}},"credit":[{"lang":"eng","value":"apple502j"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10 performs incorrect checks before allowing any logged in user to perform some ajax based requests, allowing any user to modify, delete or add ultp_options values."}]},"generator":"WPScan CVE Generator","problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-863 Incorrect Authorization"}]}]},"references":{"reference_data":[{"name":"https://wpscan.com/vulnerability/5375bd3e-a30d-4f24-9b17-470b28a8231c","refsource":"MISC","url":"https://wpscan.com/vulnerability/5375bd3e-a30d-4f24-9b17-470b28a8231c"}]},"source":{"discovery":"EXTERNAL"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T19:35:20.368Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://wpscan.com/vulnerability/5375bd3e-a30d-4f24-9b17-470b28a8231c"}]}]},"cveMetadata":{"assignerOrgId":"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81","assignerShortName":"WPScan","cveId":"CVE-2021-24652","datePublished":"2021-09-27T15:25:30.000Z","dateReserved":"2021-01-14T00:00:00.000Z","dateUpdated":"2024-08-03T19:35:20.368Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}