exploitDog

GHSA-wwf7-p72f-c86w

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site request forgery (CSRF) vulnerability in improved-user-search-in-backend.php in the backend in the Improved user search in backend plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that insert XSS sequences via the iusib_meta_fields parameter.

Cross-site request forgery (CSRF) vulnerability in improved-user-search-in-backend.php in the backend in the Improved user search in backend plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that insert XSS sequences via the iusib_meta_fields parameter.

Ссылки

EPSS

Процентиль: 66%

0.00526

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2014-5196

nvd

больше 11 лет назад

Cross-site request forgery (CSRF) vulnerability in improved-user-search-in-backend.php in the backend in the Improved user search in backend plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that insert XSS sequences via the iusib_meta_fields parameter.

EPSS

Процентиль: 66%

0.00526

Низкий

CVE ID

Дефекты

CWE-79