Описание
The ArtiBot Free Chat Bot for WordPress WebSites plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the artibot_update function in all versions up to, and including, 1.1.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to update plugin settings.
Ссылки
- Product
- Third Party Advisory
- Product
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.7 (исключая)
cpe:2.3:a:artibot:artibot:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 31%
0.00119
Низкий
5 Medium
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 5
github
почти 2 года назад
The ArtiBot Free Chat Bot for WordPress WebSites plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the artibot_update function in all versions up to, and including, 1.1.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to update plugin settings.
EPSS
Процентиль: 31%
0.00119
Низкий
5 Medium
CVSS3
Дефекты
CWE-862