exploitDog

GHSA-x468-pj97-v469

Опубликовано: 15 мая 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The Event Calendar WordPress plugin through 1.0.4 does not check for authorization on delete actions, allowing unauthenticated users to delete arbitrary calendars.

The Event Calendar WordPress plugin through 1.0.4 does not check for authorization on delete actions, allowing unauthenticated users to delete arbitrary calendars.

Ссылки

EPSS

Процентиль: 42%

0.002

Низкий

7.5 High

CVSS3

CVE ID

Связанные уязвимости

CVE-2024-8700

CVSS3: 7.5

nvd

9 месяцев назад

The Event Calendar WordPress plugin through 1.0.4 does not check for authorization on delete actions, allowing unauthenticated users to delete arbitrary calendars.

EPSS

Процентиль: 42%

0.002

Низкий

7.5 High

CVSS3

CVE ID