Описание
The Spacer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the motech_spacer_callback() function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view limited setting information.
EPSS
Процентиль: 28%
0.00099
Низкий
3.1 Low
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 3.1
github
около 1 года назад
The Spacer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the motech_spacer_callback() function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view limited setting information.
EPSS
Процентиль: 28%
0.00099
Низкий
3.1 Low
CVSS3
Дефекты
CWE-862