exploitDog

GHSA-c7r5-8gm8-mxqv

Опубликовано: 09 июл. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The Simple Photoswipe WordPress plugin through 0.1 does not have authorisation check when updating its settings, which could allow any authenticated users, such as subscriber to update them

The Simple Photoswipe WordPress plugin through 0.1 does not have authorisation check when updating its settings, which could allow any authenticated users, such as subscriber to update them

Ссылки

EPSS

Процентиль: 49%

0.00263

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2024-5570

CVSS3: 6.5

nvd

больше 1 года назад

The Simple Photoswipe WordPress plugin through 0.1 does not have authorisation check when updating its settings, which could allow any authenticated users, such as subscriber to update them

EPSS

Процентиль: 49%

0.00263

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-862