CVE-2023-23976

Опубликовано: 24 апр. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.1.9.2.

Ссылки

https://patchstack.com/database/vulnerability/custom-registration-form-builder-with-submission-manager/wordpress-registrationmagic-custom-registration-forms-user-registration-and-user-login-plugin-plugin-5-1-9-2-arbitrary-price-change?_s_id=cve
Third Party Advisory
https://patchstack.com/database/vulnerability/custom-registration-form-builder-with-submission-manager/wordpress-registrationmagic-custom-registration-forms-user-registration-and-user-login-plugin-plugin-5-1-9-2-arbitrary-price-change?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:metagauss:registrationmagic:*:*:*:*:*:wordpress:*:*

Версия до 5.1.9.3 (исключая)

EPSS

Процентиль: 22%

0.00074

Низкий

7.5 High

CVSS3

Дефекты

CWE-276

Связанные уязвимости

GHSA-4qj3-r8v4-x3fg