CVE-2023-6384 in WP User Profile Avatar Pluginالمعلومات

الملخص

بحسب MITRE • 22/01/2024

The WP User Profile Avatar WordPress plugin before 1.0.1 does not properly check for authorisation, allowing authors to delete and update arbitrary avatar

If you want to get best quality of vulnerability data, you may have to visit VulDB.

حجز

29/11/2023

إفشاء

22/01/2024

الاعتدال

تمت الموافقة

إدخال

VDB-251733

EPSS

0.00405

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Interested in the pricing of exploits?

See the underground prices here!