ГлавнаяУязвимости → CVE-2023-7269
7.5высокая

CVE-2023-7269

Описание

The ArtPlacer Widget WordPress plugin before 2.21.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack

Затрагиваемое ПО
Artplacer Artplacer widget
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:L
Источники
https://wpscan.com/vulnerability/1e8e1186-323b-473b-a0c4-580dc94020d7/https://wpscan.com/vulnerability/1e8e1186-323b-473b-a0c4-580dc94020d7/