Medium severity6.5NVD Advisory· Published Nov 1, 2021· Updated Jun 17, 2026
CVE-2021-24742
CVE-2021-24742
Description
The Logo Slider and Showcase WordPress plugin before 1.3.37 allows Editor users to update the plugin's settings via the rtWLSSettings AJAX action because it uses a nonce for authorisation instead of a capability check.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Logo Slider and Showcasedescription
- Range: <1.3.37
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/8dfc86e4-56a0-4e30-9050-cf3f328ff993nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.