exploitDog

GHSA-q963-v9w4-pqp9

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page

Ссылки

EPSS

Процентиль: 71%

0.00659

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-269

CWE-669

Связанные уязвимости

CVE-2021-24602

CVSS3: 8.8

nvd

больше 4 лет назад

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page

EPSS

Процентиль: 71%

0.00659

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-269

CWE-669