Medium severity5.4NVD Advisory· Published Jun 28, 2024· Updated Jun 17, 2026
CVE-2024-5863
CVE-2024-5863
Description
The Easy Image Collage plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajax_image_collage() function in all versions up to, and including, 1.13.5. This makes it possible for authenticated attackers, with Contributor-level access and above, to erase all of the content in arbitrary posts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.13.5+ 1 more
- (no CPE)range: <=1.13.5
- (no CPE)range: <=1.13.5
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.