exploitDog

CVE-2023-5352

Опубликовано: 06 нояб. 2023

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpas_edit_reply function, allowing users to edit posts for which they do not have permission.

Ссылки

https://wpscan.com/vulnerability/d32b2136-d923-4f36-bd76-af4578deb23b
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/d32b2136-d923-4f36-bd76-af4578deb23b
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:getawesomesupport:awesome_support:*:*:*:*:*:wordpress:*:*

Версия до 6.1.5 (исключая)

EPSS

Процентиль: 17%

0.00054

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-863

CWE-683

Связанные уязвимости

GHSA-x748-g8vm-gmhw

CVSS3: 4.3

github

больше 2 лет назад

The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpas_edit_reply function, allowing users to edit posts for which they do not have permission.

EPSS

Процентиль: 17%

0.00054

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-863

CWE-683