exploitDog

GHSA-hw3h-gc2r-whp8

Опубликовано: 16 янв. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment

The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment

Ссылки

EPSS

Процентиль: 56%

0.00339

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2022-0775

CVSS3: 4.3

nvd

около 2 лет назад

The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment

EPSS

Процентиль: 56%

0.00339

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-863