Описание
Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions <= 4.1.7).
Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions <= 4.1.7).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-25602
- https://patchstack.com/database/vulnerability/responsive-menu/wordpress-responsive-menu-plugin-4-1-7-nonce-token-leak-leading-to-arbitrary-file-upload-theme-deletion-plugin-settings-change-vulnerability
- https://wordpress.org/plugins/responsive-menu/#developers
Связанные уязвимости
CVSS3: 8.3
nvd
почти 4 года назад
Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions <= 4.1.7).