exploitDog

CVE-2016-10944

Опубликовано: 13 сент. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF.

Ссылки

https://advisories.dxw.com/advisories/csrf-vulnerability-in-multisite-post-duplicator-could-allow-an-attacker-to-do-almost-anything-an-admin-user-can-do/
Exploit
Third Party Advisory
https://wordpress.org/plugins/multisite-post-duplicator/#developers
Release Notes
https://advisories.dxw.com/advisories/csrf-vulnerability-in-multisite-post-duplicator-could-allow-an-attacker-to-do-almost-anything-an-admin-user-can-do/
Exploit
Third Party Advisory
https://wordpress.org/plugins/multisite-post-duplicator/#developers
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wpmaz:multisite_post_duplicator:*:*:*:*:*:wordpress:*:*

Версия до 1.1.3 (исключая)

EPSS

Процентиль: 42%

0.00202

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-537v-pf35-xw47

github

больше 3 лет назад

The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF.

EPSS

Процентиль: 42%

0.00202

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-352