Описание
The accurate-form-data-real-time-form-validation plugin 1.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=Accu_Data_WP.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:wp_accurate_form_data_project:wp_accurate_form_data:1.2:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 49%
0.00263
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
The accurate-form-data-real-time-form-validation plugin 1.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=Accu_Data_WP.
EPSS
Процентиль: 49%
0.00263
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352