exploitDog

CVE-2019-14786

Опубликовано: 15 авг. 2019

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.

Ссылки

https://rankmath.com/changelog/
Release Notes
https://wpvulndb.com/vulnerabilities/9375
Exploit
Third Party Advisory
https://www.pluginvulnerabilities.com/2019/06/20/authenticated-settings-reset-vulnerability-in-rank-math-seo/
Exploit
Third Party Advisory
https://rankmath.com/changelog/
Release Notes
https://wpvulndb.com/vulnerabilities/9375
Exploit
Third Party Advisory
https://www.pluginvulnerabilities.com/2019/06/20/authenticated-settings-reset-vulnerability-in-rank-math-seo/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rankmath:seo:*:*:*:*:free:wordpress:*:*

Версия до 1.0.27.1 (исключая)

EPSS

Процентиль: 41%

0.00195

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-862

Связанные уязвимости

GHSA-cm2r-2mx3-6fv2

CVSS3: 6.5

github

больше 3 лет назад

The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.

EPSS

Процентиль: 41%

0.00195

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-862