exploitDog

CVE-2024-6490

Опубликовано: 26 июл. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

During testing of the Master Slider WordPress plugin through 3.9.10, a CSRF vulnerability was found, which allows an unauthorized user to manipulate requests on behalf of the victim and thereby delete all of the sliders inside Master Slider WordPress plugin through 3.9.10.

Ссылки

https://wpscan.com/vulnerability/5a56e5aa-841d-4be5-84da-4c3b7602f053/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/5a56e5aa-841d-4be5-84da-4c3b7602f053/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:averta:master_slider:*:*:*:*:*:wordpress:*:*

Версия до 3.10.0 (исключая)

EPSS

Процентиль: 32%

0.00124

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-p63w-qrj3-j2r5

CVSS3: 6.5

github

больше 1 года назад

During testing of the Master Slider WordPress plugin through 3.9.10, a CSRF vulnerability was found, which allows an unauthorized user to manipulate requests on behalf of the victim and thereby delete all of the sliders inside Master Slider WordPress plugin through 3.9.10.

EPSS

Процентиль: 32%

0.00124

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-352