ΠΠΏΡΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 23 ΠΎΠΊΡ. 2019
ΠΡΡΠΎΡΠ½ΠΈΠΊ: nvd
CVSS3: 6.1
CVSS2: 4.3
EPSS ΠΠΈΠ·ΠΊΠΈΠΉ
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
The Easy Digital Downloads (EDD) Content Restriction extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
Π£ΡΠ·Π²ΠΈΠΌΡΠ΅ ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΠΈ
ΠΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΡ 1ΠΠ΅ΡΡΠΈΡ ΠΎΡ 1.8 (Π²ΠΊΠ»ΡΡΠ°Ρ) Π΄ΠΎ 1.8.7 (ΠΈΡΠΊΠ»ΡΡΠ°Ρ)ΠΠ΅ΡΡΠΈΡ ΠΎΡ 1.9 (Π²ΠΊΠ»ΡΡΠ°Ρ) Π΄ΠΎ 1.9.10 (ΠΈΡΠΊΠ»ΡΡΠ°Ρ)ΠΠ΅ΡΡΠΈΡ ΠΎΡ 2.0 (Π²ΠΊΠ»ΡΡΠ°Ρ) Π΄ΠΎ 2.0.5 (ΠΈΡΠΊΠ»ΡΡΠ°Ρ)ΠΠ΅ΡΡΠΈΡ ΠΎΡ 2.1 (Π²ΠΊΠ»ΡΡΠ°Ρ) Π΄ΠΎ 2.1.11 (ΠΈΡΠΊΠ»ΡΡΠ°Ρ)ΠΠ΅ΡΡΠΈΡ ΠΎΡ 2.2 (Π²ΠΊΠ»ΡΡΠ°Ρ) Π΄ΠΎ 2.2.9 (ΠΈΡΠΊΠ»ΡΡΠ°Ρ)ΠΠ΅ΡΡΠΈΡ ΠΎΡ 2.3 (Π²ΠΊΠ»ΡΡΠ°Ρ) Π΄ΠΎ 2.3.7 (ΠΈΡΠΊΠ»ΡΡΠ°Ρ)
ΠΠ΄Π½ΠΎΠ²ΡΠ΅ΠΌΠ΅Π½Π½ΠΎ
ΠΠ΄Π½ΠΎ ΠΈΠ·
cpe:2.3:a:awesomemotive:easy_digital_downloads:*:*:*:*:*:wordpress:*:*
cpe:2.3:a:awesomemotive:easy_digital_downloads:*:*:*:*:*:wordpress:*:*
cpe:2.3:a:awesomemotive:easy_digital_downloads:*:*:*:*:*:wordpress:*:*
cpe:2.3:a:awesomemotive:easy_digital_downloads:*:*:*:*:*:wordpress:*:*
cpe:2.3:a:awesomemotive:easy_digital_downloads:*:*:*:*:*:wordpress:*:*
cpe:2.3:a:awesomemotive:easy_digital_downloads:*:*:*:*:*:wordpress:*:*
cpe:2.3:a:easydigitaldownloads:content_restriction:-:*:*:*:*:easy_digital_downloads:*:*
EPSS
ΠΡΠΎΡΠ΅Π½ΡΠΈΠ»Ρ: 62%
0.00432
ΠΠΈΠ·ΠΊΠΈΠΉ
6.1 Medium
CVSS3
4.3 Medium
CVSS2
ΠΠ΅ΡΠ΅ΠΊΡΡ
CWE-79
Π‘Π²ΡΠ·Π°Π½Π½ΡΠ΅ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
CVSS3: 6.1
github
ΠΏΠΎΡΡΠΈ 4 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄
The Easy Digital Downloads (EDD) Content Restriction extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
EPSS
ΠΡΠΎΡΠ΅Π½ΡΠΈΠ»Ρ: 62%
0.00432
ΠΠΈΠ·ΠΊΠΈΠΉ
6.1 Medium
CVSS3
4.3 Medium
CVSS2
ΠΠ΅ΡΠ΅ΠΊΡΡ
CWE-79