exploitDog

CVE-2014-3850

Опубликовано: 11 июн. 2014

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in the Member Approval plugin 131109 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings to their default and disable registration approval via a request to wp-admin/options-general.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:member_approval_plugin_project:member_approval:131109:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 27%

0.00095

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-x3v9-6h6f-8j4v

github

больше 3 лет назад

Cross-site request forgery (CSRF) vulnerability in the Member Approval plugin 131109 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings to their default and disable registration approval via a request to wp-admin/options-general.php.

EPSS

Процентиль: 27%

0.00095

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352