Описание
The PT Project Notebooks plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the wpnb_pto_new_users_add() function in versions 1.0.0 through 1.1.3. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.
Ссылки
- Product
- Product
- Product
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.0.0 (включая) до 1.1.3 (включая)
cpe:2.3:a:ptoffice:pt_project_notebooks:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 51%
0.00279
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 9.8
github
7 месяцев назад
The PT Project Notebooks plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the wpnb_pto_new_users_add() function in versions 1.0.0 through 1.1.3. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.
EPSS
Процентиль: 51%
0.00279
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-862