VYPR
Medium severity6.5NVD Advisory· Published Oct 25, 2021· Updated Jun 17, 2026

CVE-2021-24779

CVE-2021-24779

Description

The WP Debugging WordPress plugin before 2.11.0 has its update_settings() function hooked to admin_init and is missing any authorisation and CSRF checks, as a result, the settings can be updated by unauthenticated users.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.