Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-24215

Опубликовано: 12 апр. 2021
Источник: nvd
CVSS3: 9.8
CVSS2: 10
EPSS Средний

Описание

An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Uncontrolled access to the website customization functionality and global CMS settings, like /wp-admin/customization.php and /wp-admin/options.php, can lead to a complete compromise of the target resource.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:wpruby:controlled_admin_access:*:*:*:*:*:wordpress:*:*
Версия до 1.5.2 (исключая)

EPSS

Процентиль: 97%
0.37383
Средний

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-284
CWE-425

Связанные уязвимости

github логотип

GHSA-5wrq-c7c8-h4hx

CVSS3: 9.8
github
больше 3 лет назад

An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Uncontrolled access to the website customization functionality and global CMS settings, like /wp-admin/customization.php and /wp-admin/options.php, can lead to a complete compromise of the target resource.

EPSS

Процентиль: 97%
0.37383
Средний

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-284
CWE-425