exploitDog

CVE-2023-1331

Опубликовано: 17 апр. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

The Redirection WordPress plugin before 1.1.5 does not have CSRF checks in the uninstall action, which could allow attackers to make logged in admins delete all the redirections through a CSRF attack.

Ссылки

https://wpscan.com/vulnerability/f81d9340-cf7e-46c4-b669-e61f2559cb8c
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/f81d9340-cf7e-46c4-b669-e61f2559cb8c
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:inisev:redirection:*:*:*:*:*:wordpress:*:*

Версия до 1.1.5 (исключая)

EPSS

Процентиль: 30%

0.00113

Низкий

6.5 Medium

CVSS3

Дефекты

Связанные уязвимости

GHSA-j5w4-p5hq-hh3c

CVSS3: 6.5

github

почти 3 года назад

The Redirection WordPress plugin before 1.1.5 does not have CSRF checks in the uninstall action, which could allow attackers to make logged in admins delete all the redirections through a CSRF attack.

EPSS

Процентиль: 30%

0.00113

Низкий

6.5 Medium

CVSS3

Дефекты