1. CVE-Search
  2. CVE-2021-25084
ID CVE-2021-25084
Summary The Advanced Cron Manager WordPress plugin before 2.4.2 and Advanced Cron Manager Pro WordPress plugin before 2.5.3 do not have authorisation checks in some of their AJAX actions, allowing any authenticated users, such as subscriber to call them and add or remove events as well as schedules for example
References
Vulnerable Configurations
  • cpe:2.3:a:bracketspace:advanced_cron_manager:-:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:-:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:1.3.2:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:1.3.2:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:1.4.1:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:1.4.1:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:1.4.3:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:1.4.3:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:1.4.4:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:1.4.4:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.0.0:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.0.0:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.1.0:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.1.0:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.1.1:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.1.1:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.1.2:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.1.2:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.2.0:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.2.0:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.2.1:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.2.1:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.2.2:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.2.2:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.2.3:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.2.3:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.0:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.0:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.1:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.1:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.2:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.2:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.3:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.3:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.4:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.4:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.5:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.5:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.6:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.6:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.7:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.7:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.8:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.8:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.9:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.9:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.10:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.3.10:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.4.0:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.4.0:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:2.4.1:*:*:*:-:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:2.4.1:*:*:*:-:wordpress:*:*
  • cpe:2.3:a:bracketspace:advanced_cron_manager:-:*:*:*:pro:wordpress:*:*
    cpe:2.3:a:bracketspace:advanced_cron_manager:-:*:*:*:pro:wordpress:*:*
CVSS
Base: 4.0 (as of 01-03-2022 - 15:55)
Impact:
Exploitability:
CWE CWE-862
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:P/A:N
Last major update 01-03-2022 - 15:55
Published 07-02-2022 - 16:15
Last modified 01-03-2022 - 15:55
Back to Top