Medium severity6.5NVD Advisory· Published Apr 15, 2021· Updated Jun 17, 2026
CVE-2021-29450
CVE-2021-29450
Description
Wordpress is an open source CMS. One of the blocks in the WordPress editor can be exploited in a way that exposes password-protected posts and pages. This requires at least contributor privileges. This has been patched in WordPress 5.7.1, along with the older affected versions via minor releases. It's strongly recommended that you keep auto-updates enabled to receive the fix.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versions
>= 4.7.0, < 5.7.1+ 1 more
- (no CPE)range: >= 4.7.0, < 5.7.1
- (no CPE)range: >= 4.7.0, < 5.7.1
- Range: >= 4.70,< 5.7.1
Patches
Vulnerability mechanics
References
4- github.com/WordPress/wordpress-develop/security/advisories/GHSA-pmmh-2f36-wvhqnvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2021/04/msg00017.htmlnvdMailing ListThird Party Advisory
- wordpress.org/news/category/security/nvdVendor Advisory
- www.debian.org/security/2021/dsa-4896nvdThird Party Advisory
News mentions
0No linked articles in our index yet.