Описание
The kadence-blocks-pro WordPress plugin before 2.3.8 does not prevent users with at least the contributor role using some of its shortcode's functionalities to leak arbitrary options from the database.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.3.8 (исключая)
cpe:2.3:a:kadencewp:kadence_blocks_pro:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 48%
0.00245
Низкий
4.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 4.3
github
больше 1 года назад
The kadence-blocks-pro WordPress plugin before 2.3.8 does not prevent users with at least the contributor role using some of its shortcode's functionalities to leak arbitrary options from the database.
EPSS
Процентиль: 48%
0.00245
Низкий
4.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo