Описание
The My Contador lesr plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportar_registros() function in all versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to export user data.
Ссылки
- Product
- Product
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.1 (исключая)
cpe:2.3:a:nes360:my_contador_lesr:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 47%
0.0024
Низкий
4.3 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 5.3
github
около 1 года назад
The My Contador lesr plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportar_registros() function in all versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to export user data.
EPSS
Процентиль: 47%
0.0024
Низкий
4.3 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-862