exploitDog

CVE-2025-12696

Опубликовано: 14 дек. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

The HelloLeads CRM Form Shortcode WordPress plugin through 1.0 does not have authorisation and CSRF check when resetting its settings, allowing unauthenticated users to reset them

Ссылки

https://wpscan.com/vulnerability/e552dfc8-c6e1-4605-bc36-30dc4066eaea/

EPSS

Процентиль: 9%

0.00033

Низкий

5.3 Medium

CVSS3

Дефекты

Связанные уязвимости

GHSA-58xj-43wp-5wf8

CVSS3: 5.3

github

около 2 месяцев назад

The HelloLeads CRM Form Shortcode WordPress plugin through 1.0 does not have authorisation and CSRF check when resetting its settings, allowing unauthenticated users to reset them

EPSS

Процентиль: 9%

0.00033

Низкий

5.3 Medium

CVSS3

Дефекты