exploitDog

GHSA-q37p-4rw5-7329

Опубликовано: 03 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.

The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.

Ссылки

EPSS

Процентиль: 65%

0.00488

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-22

CWE-552

Связанные уязвимости

CVE-2023-1124

CVSS3: 7.2

nvd

почти 3 года назад

The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.

EPSS

Процентиль: 65%

0.00488

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-22

CWE-552