Описание
The wp-social-bookmarking-light plugin before 1.7.10 for WordPress has CSRF with resultant XSS via configuration parameters for Tumblr, Twitter, Facebook, etc. in wp-admin/options-general.php?page=wp-social-bookmarking-light%2Fmodules%2Fadmin.php.
Ссылки
- ExploitThird Party Advisory
- ProductRelease Notes
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ProductRelease Notes
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.7.10 (исключая)
cpe:2.3:a:wp_social_bookmarking_light_project:wp_social_bookmarking_light:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 38%
0.00167
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
больше 3 лет назад
The wp-social-bookmarking-light plugin before 1.7.10 for WordPress has CSRF with resultant XSS via configuration parameters for Tumblr, Twitter, Facebook, etc. in wp-admin/options-general.php?page=wp-social-bookmarking-light%2Fmodules%2Fadmin.php.
EPSS
Процентиль: 38%
0.00167
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352