exploitDog

GHSA-r75f-cj9v-2727

Опубликовано: 31 окт. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced

The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced

Ссылки

EPSS

Процентиль: 51%

0.00276

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2023-4836

CVSS3: 4.3

nvd

больше 2 лет назад

The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced

EPSS

Процентиль: 51%

0.00276

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-639