exploitDog

GHSA-8993-7526-7h8g

Опубликовано: 27 нояб. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

The Seraphinite Accelerator WordPress plugin before 2.20.32 does not have authorisation and CSRF checks when resetting and importing its settings, allowing unauthenticated users to reset them

The Seraphinite Accelerator WordPress plugin before 2.20.32 does not have authorisation and CSRF checks when resetting and importing its settings, allowing unauthenticated users to reset them

Ссылки

EPSS

Процентиль: 27%

0.00097

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2023-5611

CVSS3: 5.3

nvd

около 2 лет назад

The Seraphinite Accelerator WordPress plugin before 2.20.32 does not have authorisation and CSRF checks when resetting and importing its settings, allowing unauthenticated users to reset them

EPSS

Процентиль: 27%

0.00097

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862