CVE-2020-9392 in pricing-table-by-supsystic Plugininformação

Sumário

de MITRE

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

MITRE

Reservar

25/02/2020

Moderação

aceite

Entrada

VDB-152071

CPE

pronto

CWE

CWE-269 (confirmado)

CVSS

7.3 (NVD)

EPSS

0.00979

KEV

não

Atividades

muito baixo

Sector

Hostingprovider

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-9392
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-9392
CVE Details	https://www.cvedetails.com/cve/CVE-2020-9392/

◂ Voltar Visão Geral Próximo ▸

Do you know our Splunk app?

Download it now for free!