Описание
The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.34 (исключая)
cpe:2.3:a:ibericode:html_forms:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 48%
0.00253
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 6.5
github
больше 1 года назад
The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
EPSS
Процентиль: 48%
0.00253
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-352