exploitDog

CVE-2019-15895

Опубликовано: 09 сент. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes.

Ссылки

https://blog.nintechnet.com/settings-change-vulnerability-in-wordpress-search-exclude-plugin/
https://wordpress.org/plugins/search-exclude/#developers
Release Notes
https://wpvulndb.com/vulnerabilities/9870
Third Party Advisory
https://blog.nintechnet.com/settings-change-vulnerability-in-wordpress-search-exclude-plugin/
https://wordpress.org/plugins/search-exclude/#developers
Release Notes
https://wpvulndb.com/vulnerabilities/9870
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:search_exclude_project:search_exclude:*:*:*:*:*:wordpress:*:*

Версия до 1.2.4 (исключая)

EPSS

Процентиль: 63%

0.00442

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-306

Связанные уязвимости

GHSA-m8g7-g7q3-qm44

github

больше 3 лет назад

search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes.

EPSS

Процентиль: 63%

0.00442

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-306