exploitDog

GHSA-r4hj-g29h-cqwr

Опубликовано: 02 авг. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

The YaySMTP WordPress plugin before 2.2.1 does not have capability check in an AJAX action, allowing any logged in users, such as subscriber to view the Logs of the plugin

The YaySMTP WordPress plugin before 2.2.1 does not have capability check in an AJAX action, allowing any logged in users, such as subscriber to view the Logs of the plugin

Ссылки

EPSS

Процентиль: 40%

0.00182

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2022-2369

CVSS3: 4.3

nvd

больше 3 лет назад

The YaySMTP WordPress plugin before 2.2.1 does not have capability check in an AJAX action, allowing any logged in users, such as subscriber to view the Logs of the plugin

EPSS

Процентиль: 40%

0.00182

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862