Medium severity4.3NVD Advisory· Published Sep 27, 2021· Updated Jun 17, 2026
CVE-2021-24633
CVE-2021-24633
Description
The Countdown Block WordPress plugin before 1.1.2 does not have authorisation in the eb_write_block_css AJAX action, which allows any authenticated user, such as Subscriber, to modify post contents displayed to users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Countdown Block plugindescription
- Range: <1.1.2
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/431901eb-0f95-4033-b943-324e6d3844a5nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.