Описание
The Testimonial Slider WordPress plugin before 2.3.7 does not properly ensure that a user has the necessary capabilities to edit certain sensitive Testimonial Slider WordPress plugin before 2.3.7 settings, making it possible for users with at least the Author role to edit them.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.3.7 (исключая)
cpe:2.3:a:radiustheme:testimonial_slider_and_showcase:*:*:*:*:-:wordpress:*:*
EPSS
Процентиль: 35%
0.00144
Низкий
4.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 4.3
github
почти 2 года назад
The Testimonial Slider WordPress plugin before 2.3.7 does not properly ensure that a user has the necessary capabilities to edit certain sensitive Testimonial Slider WordPress plugin before 2.3.7 settings, making it possible for users with at least the Author role to edit them.
EPSS
Процентиль: 35%
0.00144
Низкий
4.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo