exploitDog

GHSA-5wq8-45w5-cxgr

Опубликовано: 15 мая 2024

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

The HL Twitter WordPress plugin through 2014.1.18 does not have CSRF check when unlinking twitter accounts, which could allow attackers to make logged in admins perform such actions via a CSRF attack

The HL Twitter WordPress plugin through 2014.1.18 does not have CSRF check when unlinking twitter accounts, which could allow attackers to make logged in admins perform such actions via a CSRF attack

Ссылки

EPSS

Процентиль: 51%

0.0028

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2024-3631

CVSS3: 4.3

nvd

больше 1 года назад

The HL Twitter WordPress plugin through 2014.1.18 does not have CSRF check when unlinking twitter accounts, which could allow attackers to make logged in admins perform such actions via a CSRF attack

EPSS

Процентиль: 51%

0.0028

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352