exploitDog

GHSA-9j2m-4pqq-wmh6

Опубликовано: 22 янв. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

The WP User Profile Avatar WordPress plugin before 1.0.1 does not properly check for authorisation, allowing authors to delete and update arbitrary avatar

The WP User Profile Avatar WordPress plugin before 1.0.1 does not properly check for authorisation, allowing authors to delete and update arbitrary avatar

Ссылки

EPSS

Процентиль: 24%

0.00083

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2023-6384

CVSS3: 4.3

nvd

около 2 лет назад

The WP User Profile Avatar WordPress plugin before 1.0.1 does not properly check for authorisation, allowing authors to delete and update arbitrary avatar

EPSS

Процентиль: 24%

0.00083

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-639