exploitDog

GHSA-4pw8-jp5w-wqgr

Опубликовано: 02 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files.

The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files.

Ссылки

EPSS

Процентиль: 52%

0.00287

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200

CWE-276

Связанные уязвимости

CVE-2023-1809

CVSS3: 7.5

nvd

почти 3 года назад

The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files.

EPSS

Процентиль: 52%

0.00287

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200

CWE-276