exploitDog

CVE-2022-25615

Опубликовано: 11 апр. 2022

Источник: nvd

CVSS3: 4.3

CVSS2: 4.3

EPSS Низкий

Описание

Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion.

Ссылки

https://patchstack.com/database/vulnerability/eroom-zoom-meetings-webinar/wordpress-eroom-plugin-1-3-8-cross-site-request-forgery-csrf-vulnerability-leading-to-cache-deletion
Third Party Advisory
https://wordpress.org/plugins/eroom-zoom-meetings-webinar/#developers
Third Party Advisory
https://patchstack.com/database/vulnerability/eroom-zoom-meetings-webinar/wordpress-eroom-plugin-1-3-8-cross-site-request-forgery-csrf-vulnerability-leading-to-cache-deletion
Third Party Advisory
https://wordpress.org/plugins/eroom-zoom-meetings-webinar/#developers
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:stylemixthemes:eroom_-_zoom_meetings_\&_webinar:*:*:*:*:*:wordpress:*:*

Версия до 1.3.9 (исключая)

EPSS

Процентиль: 29%

0.00103

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

CWE-352

Связанные уязвимости

GHSA-8533-w8cr-pv5p

CVSS3: 4.3

github

почти 4 года назад

Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion.

EPSS

Процентиль: 29%

0.00103

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

CWE-352