exploitDog

GHSA-vj5x-x7x2-xq6v

Опубликовано: 17 окт. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.2

Описание

The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not have authorisation in some places, which could allow any authenticated users to access some of the plugin features if they manage to get the related nonce

The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not have authorisation in some places, which could allow any authenticated users to access some of the plugin features if they manage to get the related nonce

Ссылки

EPSS

Процентиль: 34%

0.00137

Низкий

4.2 Medium

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2022-3244

CVSS3: 4.2

nvd

больше 3 лет назад

The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not have authorisation in some places, which could allow any authenticated users to access some of the plugin features if they manage to get the related nonce

EPSS

Процентиль: 34%

0.00137

Низкий

4.2 Medium

CVSS3

CVE ID

Дефекты

CWE-862