exploitDog

GHSA-vm96-qm8v-2cgx

Опубликовано: 09 авг. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation

The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation

Ссылки

EPSS

Процентиль: 68%

0.00565

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2022-2367

CVSS3: 7.5

nvd

больше 3 лет назад

The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation

EPSS

Процентиль: 68%

0.00565

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639