Vulnerability Database

309,359

Total vulnerabilities in the database

CVE-2021-24244

An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to update the license options (key, email).

Published: May 6, 2021
Updated: Nov 16, 2025
CVE: CVE-2021-24244
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

CWEs:

CWE-863

Affected Software
References

Software	From	Fixed in
wpbakery_page_builder_clipboard_project / wpbakery_page_builder_clipboard	4.5.0	4.5.8

https://codecanyon.net/item/visual-composer-clipboard/8897711
https://wpscan.com/vulnerability/354b98d8-46a1-4189-b347-198701ea59b9

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo