Description
The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed.
Remediation
References
Related Vulnerabilities
WordPress Plugin Advanced Custom Fields PRO Cross-Site Scripting (5.9.0)
Oracle JRE CVE-2013-2423 Vulnerability (CVE-2013-2423)
WordPress Plugin Profile Builder-User Profile & User Registration Forms Cross-Site Scripting (2.2.4)
Prototype CVE-2020-27511 Vulnerability (CVE-2020-27511)
Grafana Improper Authentication Vulnerability (CVE-2021-28148)