exploitDog

GHSA-25jm-89cm-8q44

Опубликовано: 22 дек. 2021

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature

The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature

Ссылки

EPSS

Процентиль: 67%

0.0054

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-285

CWE-639

Связанные уязвимости

CVE-2021-24739

CVSS3: 8.1

nvd

почти 4 года назад

The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature

EPSS

Процентиль: 67%

0.0054

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-285

CWE-639