ГлавнаяУязвимости → CVE-2024-13618
7.2высокая

CVE-2024-13618

Описание

The aoa-downloadable WordPress plugin through 0.1.0 lacks authorization and authentication for requests to its download.php endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs.

Затрагиваемое ПО
Osteopathic Downloadable by american osteopathic association
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Источники
https://wpscan.com/vulnerability/d6a78233-3f23-4da4-9bc0-1439cde20a30/