CVE-2021-29450

Name of the Vulnerable Software and Affected Versions WordPress versions prior to 5.7.1

Description The issue is related to the exposure of information in WordPress, a content management system. It involves the exploitation of a block in the WordPress editor, which can expose password-protected posts and pages. This requires at least contributor privileges. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the requirement for contributor privileges to access sensitive data.

Recommendations For versions prior to 5.7.1, update to WordPress 5.7.1 or later to receive the fix. It is also recommended to keep auto-updates enabled to ensure the latest security patches are applied. As a temporary workaround, consider restricting access to the WordPress editor for users with contributor privileges until the update is applied.