CVE-2021-44777

Опубликовано: 19 янв. 2022

Источник: nvd

CVSS3: 5.4

CVSS3: 4.3

CVSS2: 4.3

EPSS Низкий

Описание

Cross-Site Request Forgery (CSRF) vulnerabilities leading to single or bulk e-mail entries deletion discovered in Email Tracker WordPress plugin (versions <= 5.2.6).

Ссылки

https://patchstack.com/database/vulnerability/email-tracker/wordpress-email-tracker-plugin-5-2-6-cross-site-request-forgery-csrf-vulnerabilities-leading-to-single-or-bulk-e-mail-entries-deletion
Patch
Third Party Advisory
https://wordpress.org/plugins/email-tracker/#developers
Release Notes
Third Party Advisory
https://patchstack.com/database/vulnerability/email-tracker/wordpress-email-tracker-plugin-5-2-6-cross-site-request-forgery-csrf-vulnerabilities-leading-to-single-or-bulk-e-mail-entries-deletion
Patch
Third Party Advisory
https://wordpress.org/plugins/email-tracker/#developers
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:email_tracker_project:email_tracker:*:*:*:*:*:wordpress:*:*

Версия до 5.2.6 (включая)

EPSS

Процентиль: 27%

0.00098

Низкий

5.4 Medium

CVSS3

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-jhr2-2f55-c4fq

github

около 4 лет назад

Cross-Site Request Forgery (CSRF) vulnerabilities leading to single or bulk e-mail entries deletion discovered in Email Tracker WordPress plugin (versions <= 5.2.6).

EPSS

Процентиль: 27%

0.00098

Низкий

5.4 Medium

CVSS3

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352