exploitDog

GHSA-8327-26x5-xq89

Опубликовано: 12 окт. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder plugin <= 3.6.0 at WordPress allows uploading the JSON file and updating the options. Requires Import and Export add-on.

Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder plugin <= 3.6.0 at WordPress allows uploading the JSON file and updating the options. Requires Import and Export add-on.

Ссылки

EPSS

Процентиль: 55%

0.00329

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2021-36915

CVSS3: 4.2

nvd

больше 3 лет назад

Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder plugin <= 3.6.0 at WordPress allows uploading the JSON file and updating the options. Requires Import and Export add-on.

EPSS

Процентиль: 55%

0.00329

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352