Описание
The SupportCandy WordPress plugin before 2.2.5 does not have authorisation and CSRF checks in its wpsc_tickets AJAX action, which could allow unauthenticated users to call it and delete arbitrary tickets via the set_delete_permanently_bulk_ticket setting_action. Other actions may be affected as well.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.2.5 (исключая)
cpe:2.3:a:supportcandy:supportcandy:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 77%
0.01009
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-862
CWE-862
Связанные уязвимости
CVSS3: 7.5
github
почти 4 года назад
The SupportCandy WordPress plugin before 2.2.5 does not have authorisation and CRSF checks in its wpsc_tickets AJAX action, which could allow unauthenticated users to call it and delete arbitrary tickets via the set_delete_permanently_bulk_ticket setting_action. Other actions may be affected as well.
EPSS
Процентиль: 77%
0.01009
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-862
CWE-862