Описание
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to disclose sensitive information or perform unauthorized actions, such as saving advanced plugin settings.
Ссылки
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Patch
- Third Party Advisory
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Patch
- Third Party Advisory
Уязвимые конфигурации
EPSS
5.4 Medium
CVSS3
Дефекты
Связанные уязвимости
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to disclose sensitive information or perform unauthorized actions, such as saving advanced plugin settings.
EPSS
5.4 Medium
CVSS3