exploitDog

GHSA-m27g-fr8f-5p8f

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.

The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.

Ссылки

EPSS

Процентиль: 32%

0.00128

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2019-12239

CVSS3: 7.2

nvd

больше 6 лет назад

The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.

EPSS

Процентиль: 32%

0.00128

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-352