exploitDog

GHSA-jpvc-cfc6-xwc3

Опубликовано: 28 июн. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

The WP Post Styling WordPress plugin before 1.3.1 does not have CSRF checks in various actions, which could allow attackers to make a logged in admin delete plugin's data, update the settings, add new entries and more via CSRF attacks

The WP Post Styling WordPress plugin before 1.3.1 does not have CSRF checks in various actions, which could allow attackers to make a logged in admin delete plugin's data, update the settings, add new entries and more via CSRF attacks

Ссылки

EPSS

Процентиль: 30%

0.00112

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2022-1845

CVSS3: 4.3

nvd

больше 3 лет назад

The WP Post Styling WordPress plugin before 1.3.1 does not have CSRF checks in various actions, which could allow attackers to make a logged in admin delete plugin's data, update the settings, add new entries and more via CSRF attacks

EPSS

Процентиль: 30%

0.00112

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352