Описание
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized modification od data due to a missing capability check on the panding_blood_request_action() function in all versions up to, and including, 2.1.15. This makes it possible for unauthenticated attackers to delete arbitrary posts.
Ссылки
- Patch
- Patch
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.1.16 (исключая)
cpe:2.3:a:themeatelier:idonate:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 26%
0.00089
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 5.3
github
3 месяца назад
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized modification od data due to a missing capability check on the panding_blood_request_action() function in all versions up to, and including, 2.1.15. This makes it possible for unauthenticated attackers to delete arbitrary posts.
EPSS
Процентиль: 26%
0.00089
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-862