VYPR

Gutenberg Template Library & Redux Framework

by WordPress

CVEs (2)

  • CVE-2021-38312HigSep 2, 2021
    risk 0.46cvss 7.1epss 0.01

    The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress used an incorrect authorization check in the REST API endpoints registered under the “redux/v1/templates/” REST Route in “redux-templates/classes/class-api.php”. The `permissions_callback`…

  • CVE-2021-38314MedSep 2, 2021
    risk 0.37cvss 5.3epss 0.29

    The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the `includes` function in `redux-core/class-redux-core.php` that were unique to a given site but deterministic and predictable…