wp-private-content-plus Plugin up to 1.x on WordPress Settings save_settings_page 7pk security

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in wp-private-content-plus Plugin up to 1.x on WordPress (WordPress Plugin) and classified as critical. This vulnerability affects the function save_settings_page of the component Settings. Upgrading to version 2.0 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
933131908/10/2020VulD...cve_nvd_summaryThe wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via save_settings_page and other save_ functions.mitre.org08/10/2020accepted100
933131808/10/2020VulD...cve_assigned1567036800mitre.org08/10/2020accepted100
933131208/10/2020VulD...cvss3_nvd_aNnist.gov08/10/2020accepted100
933131108/10/2020VulD...cvss3_nvd_iHnist.gov08/10/2020accepted100
933131008/10/2020VulD...cvss3_nvd_cNnist.gov08/10/2020accepted100
933130908/10/2020VulD...cvss3_nvd_sUnist.gov08/10/2020accepted100
933130808/10/2020VulD...cvss3_nvd_uiNnist.gov08/10/2020accepted100
933130708/10/2020VulD...cvss3_nvd_prNnist.gov08/10/2020accepted100
933130608/10/2020VulD...cvss3_nvd_acLnist.gov08/10/2020accepted100
933130508/10/2020VulD...cvss3_nvd_avNnist.gov08/10/2020accepted100
933129208/10/2020VulD...cvss2_nvd_aiNnist.gov08/10/2020accepted100
933129108/10/2020VulD...cvss2_nvd_iiPnist.gov08/10/2020accepted100
933129008/10/2020VulD...cvss2_nvd_ciNnist.gov08/10/2020accepted100
933128908/10/2020VulD...cvss2_nvd_auNnist.gov08/10/2020accepted100
933128808/10/2020VulD...cvss2_nvd_acLnist.gov08/10/2020accepted100
933128708/10/2020VulD...cvss2_nvd_avNnist.gov08/10/2020accepted100
933127708/10/2020VulD...cwe254 (privilege escalation)08/10/2020accepted100
933127108/10/2020VulD...typeWordPress Plugin08/10/2020accepted100
933132608/31/2019VulD...cvss3_nvd_basescore7.5nist.gov08/31/2019accepted90
933132508/31/2019VulD...cvss3_vuldb_rcX08/31/2019accepted90

Do you want to use VulDB in your project?

Use the official API to access entries easily!