exploitDog

CVE-2021-36874

Опубликовано: 27 сент. 2021

Источник: nvd

CVSS3: 7.1

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5).

Ссылки

https://patchstack.com/database/vulnerability/ulisting/wordpress-ulisting-plugin-2-0-5-authenticated-insecure-direct-object-references-idor-vulnerability
Third Party Advisory
https://wordpress.org/plugins/ulisting/#developers
Third Party Advisory
https://patchstack.com/database/vulnerability/ulisting/wordpress-ulisting-plugin-2-0-5-authenticated-insecure-direct-object-references-idor-vulnerability
Third Party Advisory
https://wordpress.org/plugins/ulisting/#developers
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:stylemixthemes:ulisting:*:*:*:*:*:wordpress:*:*

Версия до 2.0.5 (включая)

EPSS

Процентиль: 73%

0.00747

Низкий

7.1 High

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-639

Связанные уязвимости

GHSA-6qm2-c6m9-24vc

github

больше 3 лет назад

Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5).

EPSS

Процентиль: 73%

0.00747

Низкий

7.1 High

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-639