exploitDog

CVE-2022-4124

Опубликовано: 19 дек. 2022

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF checks when deleting popups, which could allow unauthenticated users to delete them

Ссылки

https://wpscan.com/vulnerability/60786bf8-c0d7-4d80-b189-866aba79bce2
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/60786bf8-c0d7-4d80-b189-866aba79bce2
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:popup_manager_project:popup_manager:*:*:*:*:*:wordpress:*:*

Версия до 1.6.6 (включая)

EPSS

Процентиль: 32%

0.0012

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-v9p8-rxvf-6pf4

CVSS3: 4.3

github

около 3 лет назад

The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF checks when deleting popups, which could allow unauthenticated users to delete them

EPSS

Процентиль: 32%

0.0012

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-352