Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-wp3p-4fj8-x356

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью

Описание

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference (IDOR) via wp-admin/admin-ajax.php to delete any page/post/listing.

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference (IDOR) via wp-admin/admin-ajax.php to delete any page/post/listing.

Ссылки

EPSS

Процентиль: 76%
0.00993
Низкий

CVE ID

CVE-2019-20209

Связанные уязвимости

nvd логотип

CVE-2019-20209

CVSS3: 7.5
nvd
около 6 лет назад

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference (IDOR) via wp-admin/admin-ajax.php to delete any page/post/listing.

EPSS

Процентиль: 76%
0.00993
Низкий

CVE ID

CVE-2019-20209