exploitDog

GHSA-7r5h-fj93-j8m6

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site request forgery (CSRF) vulnerability in the underConstruction plugin before 1.09 for WordPress allows remote attackers to hijack the authentication of administrators for requests that deactivate a plugin via unspecified vectors.

Cross-site request forgery (CSRF) vulnerability in the underConstruction plugin before 1.09 for WordPress allows remote attackers to hijack the authentication of administrators for requests that deactivate a plugin via unspecified vectors.

Ссылки

EPSS

Процентиль: 46%

0.00236

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2013-2699

nvd

почти 12 лет назад

Cross-site request forgery (CSRF) vulnerability in the underConstruction plugin before 1.09 for WordPress allows remote attackers to hijack the authentication of administrators for requests that deactivate a plugin via unspecified vectors.

EPSS

Процентиль: 46%

0.00236

Низкий

CVE ID

Дефекты

CWE-352