exploitDog

GHSA-8pgh-m49h-qpxh

Опубликовано: 15 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE

The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE

Ссылки

EPSS

Процентиль: 100%

0.92018

Критический

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434

CWE-94

Связанные уязвимости

CVE-2021-25003

CVSS3: 9.8

nvd

почти 4 года назад

The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE

EPSS

Процентиль: 100%

0.92018

Критический

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434

CWE-94