Описание
The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator export files, which could then be downloaded by the attacker to get access to PII, such as email, home addresses etc
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.11.2 (исключая)
cpe:2.3:a:strategy11:business_directory_plugin_-_easy_listing_directories:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 32%
0.00121
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
больше 3 лет назад
The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator export files, which could then be downloaded by the attacker to get access to PII, such as email, home addresses etc
EPSS
Процентиль: 32%
0.00121
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352