exploitDog

GHSA-89r6-wrjm-5xx8

Опубликовано: 27 июн. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack

The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack

Ссылки

EPSS

Процентиль: 27%

0.00095

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2023-2842

CVSS3: 8.1

nvd

больше 2 лет назад

The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack

EPSS

Процентиль: 27%

0.00095

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-352