Описание
The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 uses a hardcoded password in its Password Protection feature, allowing attacker to bypass the protection offered via a crafted request
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.6.10 (исключая)Версия до 7.6.10 (исключая)
Одно из
cpe:2.3:a:wpase:admin_and_site_enhancements:*:*:*:*:free:wordpress:*:*
cpe:2.3:a:wpase:admin_and_site_enhancements:*:*:*:*:pro:wordpress:*:*
EPSS
Процентиль: 25%
0.00084
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 5.3
github
10 месяцев назад
The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 uses a hardcoded password in its Password Protection feature, allowing attacker to bypass the protection offered via a crafted request
EPSS
Процентиль: 25%
0.00084
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-798