exploitDog

GHSA-7xf9-6rpx-2c4r

Опубликовано: 12 фев. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accounts.

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accounts.

Ссылки

EPSS

Процентиль: 91%

0.06257

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-290

Связанные уязвимости

CVE-2022-3180

CVSS3: 9.8

nvd

12 месяцев назад

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accounts.

EPSS

Процентиль: 91%

0.06257

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-290