exploitDog

CVE-2023-5098

Опубликовано: 31 окт. 2023

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 does not prevent users with low privileges (like subscribers) from overwriting any options on a site with the string "true", which could lead to a variety of outcomes, including DoS.

Ссылки

https://wpscan.com/vulnerability/3167a83c-291e-4372-a42e-d842205ba722
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/3167a83c-291e-4372-a42e-d842205ba722
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:fatcatapps:campaign_monitor_optin_cat:*:*:*:*:*:wordpress:*:*

Версия до 2.5.6 (исключая)

EPSS

Процентиль: 43%

0.00205

Низкий

8.1 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-8jvw-g6jp-rqqp

CVSS3: 8.1

github

больше 2 лет назад

The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 does not prevent users with low privileges (like subscribers) from overwriting any options on a site with the string "true", which could lead to a variety of outcomes, including DoS.

EPSS

Процентиль: 43%

0.00205

Низкий

8.1 High

CVSS3

Дефекты

NVD-CWE-noinfo