exploitDog

CVE-2023-5886

Опубликовано: 18 дек. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not check nonce tokens early enough in the request lifecycle, allowing attackers with the ability to upload files to make logged in users perform unwanted actions leading to PHAR deserialization, which may lead to remote code execution.

Ссылки

https://wpscan.com/vulnerability/0a08e49d-d34e-4140-a15d-ad64444665a3
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/0a08e49d-d34e-4140-a15d-ad64444665a3
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:soflyy:export_any_wordpress_data_to_xml\/csv:*:*:*:*:*:wordpress:*:*

Версия до 1.4.1 (исключая)

cpe:2.3:a:soflyy:wp_all_export:*:*:*:*:pro:wordpress:*:*

Версия до 1.8.6 (исключая)

EPSS

Процентиль: 73%

0.00748

Низкий

8.8 High

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-qgv4-xfrj-hvp7

CVSS3: 8.8

github

около 2 лет назад

The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not check nonce tokens early enough in the request lifecycle, allowing attackers with the ability to upload files to make logged in users perform unwanted actions leading to PHAR deserialization, which may lead to remote code execution.

EPSS

Процентиль: 73%

0.00748

Низкий

8.8 High

CVSS3

Дефекты

CWE-352