CVE-2020-9392 in pricing-table-by-supsystic Plugininfo

Zusammenfassung

von MITRE

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

MITRE

Reservieren

25.02.2020

Moderieren

akzeptiert

Eintrag

VDB-152071

CPE

bereit

CWE

CWE-269 (bestätigt)

CVSS

7.3 (NVD)

EPSS

0.00979

KEV

nein

Aktivitäten

very low

Sektor

Hostingprovider

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-9392
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-9392
CVE Details	https://www.cvedetails.com/cve/CVE-2020-9392/

◂ Zurück Übersicht Weiter ▸

Do you know our Splunk app?

Download it now for free!