exploitDog

CVE-2024-0780

Опубликовано: 18 мар. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation when resetting its database, allowing any authenticated users, such as subscriber to perform such action

Ссылки

https://wpscan.com/vulnerability/be3045b1-72e6-450a-8dd2-4702a9328447/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/be3045b1-72e6-450a-8dd2-4702a9328447/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mediabetaprojects:enjoy_social_feed:*:*:*:*:*:wordpress:*:*

Версия до 6.2.2 (включая)

EPSS

Процентиль: 63%

0.00447

Низкий

8.8 High

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-fxj6-8fmc-7h79

CVSS3: 8.8

github

почти 2 года назад

The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation when resetting its database, allowing any authenticated users, such as subscriber to perform such action

EPSS

Процентиль: 63%

0.00447

Низкий

8.8 High

CVSS3

Дефекты

CWE-862