exploitDog

CVE-2020-22276

Опубликовано: 04 нояб. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry.

Ссылки

http://uploadboy.com/tvvs4p2gf03m/887/mp4
Third Party Advisory
https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22276.pdf
Exploit
Third Party Advisory
https://filebin.net/khncr59vyfztn6wj
Exploit
Third Party Advisory
http://uploadboy.com/tvvs4p2gf03m/887/mp4
Third Party Advisory
https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22276.pdf
Exploit
Third Party Advisory
https://filebin.net/khncr59vyfztn6wj
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:weformspro:weforms:1.4.7:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 79%

0.01209

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-1236

Связанные уязвимости

GHSA-mpjr-7qj2-46x4

github

больше 3 лет назад

WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry.

EPSS

Процентиль: 79%

0.01209

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-1236