Количество 4
Количество 4
CVE-2017-17091
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.
CVE-2017-17091
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.
CVE-2017-17091
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser k ...
GHSA-9xr7-2f3f-frc6
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-17091 wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string. | CVSS3: 8.8 | 5% Низкий | больше 7 лет назад |
 | CVE-2017-17091 wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string. | CVSS3: 8.8 | 5% Низкий | больше 7 лет назад |
| CVE-2017-17091 wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser k ... | CVSS3: 8.8 | 5% Низкий | больше 7 лет назад |
| GHSA-9xr7-2f3f-frc6 wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string. | CVSS3: 8.8 | 5% Низкий | около 3 лет назад |
Уязвимостей на страницу