Описание
The Rankology SEO and Analytics Tool plugin for WordPress is vulnerable to unauthorized modification of data due to an incorrect capability check on the 'rankology_code_block' page in all versions up to, and including, 2.0. This makes it possible for authenticated attackers, with Editor-level access and above, to add header and footer code blocks.
EPSS
Процентиль: 9%
0.00032
Низкий
2.7 Low
CVSS3
Дефекты
CWE-285
Связанные уязвимости
CVSS3: 2.7
github
около 1 месяца назад
The Rankology SEO and Analytics Tool plugin for WordPress is vulnerable to unauthorized modification of data due to an incorrect capability check on the 'rankology_code_block' page in all versions up to, and including, 2.0. This makes it possible for authenticated attackers, with Editor-level access and above, to add header and footer code blocks.
EPSS
Процентиль: 9%
0.00032
Низкий
2.7 Low
CVSS3
Дефекты
CWE-285