exploitDog

GHSA-v9p8-rxvf-6pf4

Опубликовано: 19 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF checks when deleting popups, which could allow unauthenticated users to delete them

The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF checks when deleting popups, which could allow unauthenticated users to delete them

Ссылки

EPSS

Процентиль: 31%

0.0012

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2022-4124

CVSS3: 4.3

nvd

около 3 лет назад

The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF checks when deleting popups, which could allow unauthenticated users to delete them

EPSS

Процентиль: 31%

0.0012

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352