Unrated severityNVD Advisory· Published Sep 9, 2019· Updated Aug 5, 2024

CVE-2018-21013

Description

The Swape theme before 1.2.1 for WordPress has incorrect access control, as demonstrated by allowing new administrator accounts via vectors involving xmlPath to wp-admin/admin-ajax.php.

Affected products

WordPress/Swape themedescription
WordPress/Swapellm-create
Range: <1.2.1

Patches

Vulnerability mechanics

References

wpvulndb.com/vulnerabilities/9024mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000