exploitDog

CVE-2015-9418

Опубликовано: 26 сент. 2019

Источник: nvd

CVSS3: 4.3

CVSS2: 5.8

EPSS Низкий

Описание

The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes.

Ссылки

https://advisories.dxw.com/advisories/csrf-in-watu-pro-allows-unauthenticated-attackers-to-delete-quizzes/
Exploit
Third Party Advisory
https://wordpress.org/plugins/watupro/#developers
Not Applicable
Third Party Advisory
https://calendarscripts.info/watupro/
Product
Third Party Advisory
https://advisories.dxw.com/advisories/csrf-in-watu-pro-allows-unauthenticated-attackers-to-delete-quizzes/
Exploit
Third Party Advisory
https://wordpress.org/plugins/watupro/#developers
Not Applicable
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kibokolabs:watupro:*:*:*:*:*:wordpress:*:*

Версия до 4.9.0.8 (исключая)

EPSS

Процентиль: 31%

0.00114

Низкий

4.3 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-qj5g-vv2m-g5p9

CVSS3: 4.3

github

больше 3 лет назад

The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes.

EPSS

Процентиль: 31%

0.00114

Низкий

4.3 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-352