cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-25013,https://securityvulnerability.io/vulnerability/CVE-2021-25013,Qubely < 1.7.8 - Subscriber+ Arbitrary Post Deletion,"The Qubely WordPress plugin before 1.7.8 does not have authorisation and CSRF check on the qubely_delete_saved_block AJAX action, and does not ensure that the block to be deleted belong to the plugin, as a result, any authenticated users, such as subscriber can delete arbitrary posts",Wordpress,Qubely – Advanced Gutenberg Blocks,6.5,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2022-01-24T08:01:08.000Z,0