exploitDog

GHSA-6gwc-q32q-63j2

Опубликовано: 10 июл. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 3.5

Описание

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

Ссылки

EPSS

Процентиль: 17%

0.00056

Низкий

3.5 Low

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2023-3209

CVSS3: 3.5

nvd

больше 2 лет назад

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

EPSS

Процентиль: 17%

0.00056

Низкий

3.5 Low

CVSS3

CVE ID

Дефекты

CWE-352