exploitDog

GHSA-mfvg-p5qp-p4gm

Опубликовано: 14 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The Webmaster Tools Verification WordPress plugin through 1.2 does not have authorisation and CSRF checks when disabling plugins, allowing unauthenticated users to disable arbitrary plugins

The Webmaster Tools Verification WordPress plugin through 1.2 does not have authorisation and CSRF checks when disabling plugins, allowing unauthenticated users to disable arbitrary plugins

Ссылки

EPSS

Процентиль: 51%

0.00277

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2022-3538

CVSS3: 6.5

nvd

около 3 лет назад

The Webmaster Tools Verification WordPress plugin through 1.2 does not have authorisation and CSRF checks when disabling plugins, allowing unauthenticated users to disable arbitrary plugins

EPSS

Процентиль: 51%

0.00277

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352