Описание
Incorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content Security Policy plugin through version 2.29 allows remote attackers to cause a denial of service (database server resource exhaustion) via unlimited database write operations to the wp_ajax_nopriv_cacsp_insert_consent_data endpoint.
Ссылки
- Not Applicable
- Not Applicable
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.29 (включая)
cpe:2.3:a:followmedarling:cookies_and_content_security_policy:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 26%
0.00091
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 5.3
github
6 месяцев назад
Incorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content Security Policy plugin through version 2.29 allows remote attackers to cause a denial of service (database server resource exhaustion) via unlimited database write operations to the wp_ajax_nopriv_cacsp_insert_consent_data endpoint.
EPSS
Процентиль: 26%
0.00091
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-284