CVE-2024-32823

Опубликовано: 24 апр. 2024

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.4.

Ссылки

https://patchstack.com/database/vulnerability/rate-my-post/wordpress-rate-my-post-plugin-3-4-4-insecure-direct-object-references-idor-vulnerability?_s_id=cve
Third Party Advisory
https://patchstack.com/database/vulnerability/rate-my-post/wordpress-rate-my-post-plugin-3-4-4-insecure-direct-object-references-idor-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:blazzdev:rate_my_post:*:*:*:*:*:wordpress:*:*

Версия до 3.4.5 (исключая)

EPSS

Процентиль: 15%

0.00049

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-639

Связанные уязвимости

GHSA-8fp3-p8fq-633j