CVE-2021-42749

2022-01-0718:09:22

mitre

www.cve.org

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.1%

JSON

In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives. Exploitation requires that a Themer layout is applied to the archives, and that the post excerpt field is not set.

References

docs.wpbeaverbuilder.com/beaver-builder/developer/conditionally-hidden-content/

tekfused.com/tek/vulnerability-research/beaver-builder-vulnerabilities-visibility-conditional-logic-cve/