CVE-2021-24661

Name of the Vulnerable Software and Affected Versions PostX – Gutenberg Blocks for Post Grid WordPress plugin versions prior to 2.4.10

Description The issue allows users with Contributor roles or higher to read password-protected or private post contents they are otherwise unable to read, given the post ID, when the Saved Templates Addon is enabled.

Recommendations For versions prior to 2.4.10, update to version 2.4.10 or later to resolve the issue. As a temporary workaround, consider disabling the Saved Templates Addon until a patch is available. Restrict access to password-protected or private post contents to minimize the risk of exploitation.