CVE-2021-39203
on github
Published
Severity
CVSS v3:
6.5 MEDIUM
CVSS v2:
6 MEDIUM
Description
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This affected WordPress 5.8 beta during the testing period. It's fixed in the final 5.8 release.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:wordpress:wordpress:5.8:beta1:*:*:*:*:*:* | n/a | n/a | 5.8 |