exploitDog

CVE-2020-13693

Опубликовано: 29 мая 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Средний

Описание

An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.

Ссылки

http://packetstormsecurity.com/files/157885/WordPress-BBPress-2.5-Privilege-Escalation.html
Exploit
Third Party Advisory
VDB Entry
https://bbpress.org/blog/2020/05/bbpress-2-6-5-is-out/
Release Notes
Vendor Advisory
https://codex.bbpress.org/releases/
Release Notes
Vendor Advisory
https://wordpress.org/plugins/bbpress/#developers
Release Notes
Third Party Advisory
http://packetstormsecurity.com/files/157885/WordPress-BBPress-2.5-Privilege-Escalation.html
Exploit
Third Party Advisory
VDB Entry
https://bbpress.org/blog/2020/05/bbpress-2-6-5-is-out/
Release Notes
Vendor Advisory
https://codex.bbpress.org/releases/
Release Notes
Vendor Advisory
https://wordpress.org/plugins/bbpress/#developers
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bbpress:bbpress:*:*:*:*:*:wordpress:*:*

Версия до 2.6.5 (исключая)

EPSS

Процентиль: 98%

0.50401

Средний

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-mwxh-6j9v-45ph

CVSS3: 9.8

github

больше 3 лет назад

bbPress unauthenticated privilege-escalation

EPSS

Процентиль: 98%

0.50401

Средний

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo