Описание
Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_mail.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table.
Ссылки
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:dtracker_project:dtracker:1.5:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 89%
0.04624
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_mail.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table.
EPSS
Процентиль: 89%
0.04624
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-862