CVE-2023-6499 in lasTunes Pluginالمعلومات

الملخص

بحسب MITRE • 12/02/2024

The lasTunes WordPress plugin through 3.6.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

حجز

04/12/2023

إفشاء

12/02/2024

الاعتدال

تمت الموافقة

إدخال

VDB-251598

EPSS

0.00199

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Do you need the next level of professionalism?

Upgrade your account now!