CVE-2023-0291 in Quiz and Survey Master Plugin정보

요약

\~에 의해 MITRE • 2023. 06. 09.

The Quiz And Survey Master for WordPress is vulnerable to authorization bypass due to a missing capability check on the function associated with the qsm_remove_file_fd_question AJAX action in versions up to, and including, 8.0.8. This makes it possible for unauthenticated attackers to delete arbitrary media files.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2023. 01. 13.

공개

2023. 06. 09.

모더레이션

수락

항목

VDB-221096

CPE

준비됨

CWE

CWE-306 (확인됨)

익스플로잇

다운로드

CVSS

9.1 (NVD)

EPSS

0.00092

KEV

아니요

활동

매우 낮음

부문

Education

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2023-0291
NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-0291
CVE Details	https://www.cvedetails.com/cve/CVE-2023-0291/

◂ 이전 개요 다음 ▸

Interested in the pricing of exploits?

See the underground prices here!