exploitDog

CVE-2024-6719

Опубликовано: 15 мая 2025

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

The Offload Videos WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow low privilege users to update them via a CSRF attack

Ссылки

https://wpscan.com/vulnerability/1dc7caac-a36e-4313-a8be-c6b13e564924/
Third Party Advisory
Exploit
https://wpscan.com/vulnerability/1dc7caac-a36e-4313-a8be-c6b13e564924/
Third Party Advisory
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webgarh:offload_videos:*:*:*:*:*:wordpress:*:*

Версия до 1.0.1 (исключая)

EPSS

Процентиль: 8%

0.0003

Низкий

8.1 High

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-hjxc-cj85-6rvh

CVSS3: 8.1

github

9 месяцев назад

The Offload Videos WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow low privilege users to update them via a CSRF attack

EPSS

Процентиль: 8%

0.0003

Низкий

8.1 High

CVSS3

Дефекты

CWE-352