exploitDog

CVE-2025-8085

Опубликовано: 08 сент. 2025

Источник: nvd

CVSS3: 8.6

EPSS Низкий

Описание

The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs.

Ссылки

https://wpscan.com/vulnerability/f42c37bb-1ae0-49ab-bd81-7864dff0fcff/

EPSS

Процентиль: 10%

0.00038

Низкий

8.6 High

CVSS3

Дефекты

Связанные уязвимости

GHSA-5w55-fgg7-m5gx

CVSS3: 8.6

github

6 дней назад

The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs.

EPSS

Процентиль: 10%

0.00038

Низкий

8.6 High

CVSS3

Дефекты