exploitDog

GHSA-hjvp-3h96-35mg

Опубликовано: 20 мар. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to certain data and leading to an arbitrary redirect vulnerability.

The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to certain data and leading to an arbitrary redirect vulnerability.

Ссылки

EPSS

Процентиль: 93%

0.09476

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-601

Связанные уязвимости

CVE-2023-0876

CVSS3: 6.1

nvd

почти 3 года назад

The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to certain data and leading to an arbitrary redirect vulnerability.

EPSS

Процентиль: 93%

0.09476

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-601