CVE-2020-9392 in pricing-table-by-supsystic Plugininformation

Résumé

par MITRE

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

MITRE

Réserver

25/02/2020

Modérer

accepté

Entrée

VDB-152071

CPE

prêt

CWE

CWE-269 (confirmé)

CVSS

7.3 (NVD)

EPSS

0.00979

KEV

non

Activités

très faible

Secteur

Hostingprovider

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-9392
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-9392
CVE Details	https://www.cvedetails.com/cve/CVE-2020-9392/

◂ Précédent Aperçu Suivant ▸

Interested in the pricing of exploits?

See the underground prices here!