exploitDog

CVE-2024-8513

Опубликовано: 10 окт. 2024

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

The QA Analytics – Web Analytics Tool with Heatmaps & Session Replay Across All Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_save_plugin_config() function in all versions up to, and including, 4.1.0.0. This makes it possible for unauthenticated attackers to update the plugin's settings.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:quarka:qa_analytics:*:*:*:*:*:wordpress:*:*

Версия до 4.1.0.0 (включая)

EPSS

Процентиль: 69%

0.00609

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-862

CWE-862

Связанные уязвимости

GHSA-v4pc-7q3f-7vf2

CVSS3: 5.3

github

больше 1 года назад

The QA Analytics – Web Analytics Tool with Heatmaps & Session Replay Across All Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_save_plugin_config() function in all versions up to, and including, 4.1.0.0. This makes it possible for unauthenticated attackers to update the plugin's settings.

EPSS

Процентиль: 69%

0.00609

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-862

CWE-862