CVE-2025-3099 in Advanced Search by My Solr Server Plugininfo

Zusammenfassung

von MITRE • 02.04.2025

The Advanced Search by My Solr Server plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on the 'MySolrServerSettings' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Veröffentlichung

02.04.2025

Moderieren

akzeptiert

Eintrag

VDB-302919

CPE

bereit

CWE

CWE-352 (bestätigt)

CVSS

6.1 (CNA)

EPSS

0.00413

KEV

nein

Aktivitäten

very low

Sektor

Hostingprovider

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-3099
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-3099
CVE Details	https://www.cvedetails.com/cve/CVE-2025-3099/

◂ Zurück Übersicht Weiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!