exploitDog

GHSA-whr2-w3q9-5g6m

Опубликовано: 30 нояб. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.1

Описание

Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6.

Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6.

Ссылки

EPSS

Процентиль: 33%

0.00134

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2023-47870

CVSS3: 7.1

nvd

около 2 лет назад

Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6.

EPSS

Процентиль: 33%

0.00134

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-352