Описание
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to add, modify, or delete post meta and plugin options.
Ссылки
- Product
- Third Party Advisory
- Product
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.3.15 (исключая)
cpe:2.3:a:wpwebinfotech:social_auto_poster:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 56%
0.00337
Низкий
7.3 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-862
CWE-862
Связанные уязвимости
CVSS3: 7.3
github
больше 1 года назад
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to add, modify, or delete post meta and plugin options.
EPSS
Процентиль: 56%
0.00337
Низкий
7.3 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-862
CWE-862