exploitDog

GHSA-6mpg-x75c-hw5v

Опубликовано: 15 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

The Meta Box WordPress plugin before 5.9.4 does not prevent users with at least the contributor role from access arbitrary custom fields assigned to other user's posts.

The Meta Box WordPress plugin before 5.9.4 does not prevent users with at least the contributor role from access arbitrary custom fields assigned to other user's posts.

Ссылки

EPSS

Процентиль: 50%

0.00273

Низкий

4.3 Medium

CVSS3

CVE ID

Связанные уязвимости

CVE-2024-1204

CVSS3: 4.3

nvd

почти 2 года назад

The Meta Box WordPress plugin before 5.9.4 does not prevent users with at least the contributor role from access arbitrary custom fields assigned to other user's posts.

EPSS

Процентиль: 50%

0.00273

Низкий

4.3 Medium

CVSS3

CVE ID