exploitDog

CVE-2025-60156

Опубликовано: 26 сент. 2025

Источник: nvd

CVSS3: 9.6

EPSS Низкий

Описание

Cross-Site Request Forgery (CSRF) vulnerability in webandprint AR For WordPress allows Upload a Web Shell to a Web Server. This issue affects AR For WordPress: from n/a through 7.98.

Ссылки

https://patchstack.com/database/wordpress/plugin/ar-for-wordpress/vulnerability/wordpress-ar-for-wordpress-plugin-7-98-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

EPSS

Процентиль: 10%

0.00034

Низкий

9.6 Critical

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-hxqp-vwmr-h574

CVSS3: 9.6

github

4 месяца назад

Cross-Site Request Forgery (CSRF) vulnerability in webandprint AR For WordPress allows Upload a Web Shell to a Web Server. This issue affects AR For WordPress: from n/a through 7.98.

EPSS

Процентиль: 10%

0.00034

Низкий

9.6 Critical

CVSS3

Дефекты

CWE-352