exploitDog

GHSA-qwqq-2qch-x65x

Опубликовано: 26 июл. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to store user files, bad actors could use that to access other users' sensitive files.

The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to store user files, bad actors could use that to access other users' sensitive files.

Ссылки

EPSS

Процентиль: 63%

0.00439

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-200

CWE-425

Связанные уязвимости

CVE-2022-1551

CVSS3: 6.5

nvd

больше 3 лет назад

The SP Project & Document Manager WordPress plugin before 4.58 uses an easily guessable path to store user files, bad actors could use that to access other users' sensitive files.

EPSS

Процентиль: 63%

0.00439

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-200

CWE-425