exploitDog

GHSA-75xq-8745-9756

Опубликовано: 19 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution.

In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution.

Ссылки

EPSS

Процентиль: 95%

0.20453

Средний

7.2 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2022-26965

CVSS3: 7.2

nvd

почти 4 года назад

In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution.

EPSS

Процентиль: 95%

0.20453

Средний

7.2 High

CVSS3

CVE ID

Дефекты

CWE-434