CVE-2019-25215 in ARI Adminer Plugininfo

Zusammenfassung

von MITRE • 16.10.2024

The ARI-Adminer plugin for WordPress is vulnerable to authorization bypass due to a lack of file access controls in nearly every file of the plugin in versions up to, and including, 1.1.14. This makes it possible for unauthenticated attackers to call the files directly and perform a wide variety of unauthorized actions such as accessing a site's database and making changes.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Wordfence

Reservieren

15.10.2024

Veröffentlichung

16.10.2024

Moderieren

akzeptiert

Eintrag

VDB-280571

CPE

bereit

CWE

CWE-862 (bestätigt)

CVSS

7.3 (CNA)

EPSS

0.00048

KEV

nein

Aktivitäten

very low

Sektor

Hostingprovider

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2019-25215
NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-25215
CVE Details	https://www.cvedetails.com/cve/CVE-2019-25215/

◂ Zurück Übersicht Weiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!