exploitDog

GHSA-v22h-7mrq-rcj9

Опубликовано: 29 авг. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address

The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address

Ссылки

EPSS

Процентиль: 92%

0.08392

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2022-2373

CVSS3: 5.3

nvd

больше 3 лет назад

The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address

EPSS

Процентиль: 92%

0.08392

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862