Vulnerabilities > CVE-2021-24244 - Incorrect Authorization vulnerability in Wpbakery Page Builder Clipboard Project Wpbakery Page Builder Clipboard
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to update the license options (key, email).