Medium severity5.4NVD Advisory· Published Nov 29, 2021· Updated Jun 17, 2026
CVE-2021-24842
CVE-2021-24842
Description
The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which allows users with Contributor roles to 1) list private post titles of other users and 2) change the posted date of other users' posts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Bulk Datetime Changedescription
- Range: <1.12
Patches
Vulnerability mechanics
References
2- wpscan.com/vulnerability/054bd981-dbdd-47dd-bad0-fa327e5860a2nvdExploitThird Party Advisory
- plugins.trac.wordpress.org/changeset/2618982nvdRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.