exploitDog

GHSA-7x52-4x54-c7jw

Опубликовано: 10 июл. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

Ссылки

EPSS

Процентиль: 48%

0.0025

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2023-3131

CVSS3: 4.3

nvd

больше 2 лет назад

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

EPSS

Процентиль: 48%

0.0025

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862