Pular para o conteúdo
Ver todas as ameaças

CVE-2020-36698

Alvo: Não informado

Descrição

The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user interaction in versions up to, and including, 2.50. This is due to missing capability checks on several AJAX actions and nonce disclosure in the source page of the administrative dashboard. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to call functions and delete and/or upload files.

Software
Não informado
Tipo Software
Plugin
CVE
CVE-2020-36698
Tags
Nâo informado
Data de publicação
20/10/2023
Última atualização
08/11/2023
Pontuação em CVSS 3.0
8.8
Alto
plugins premium WordPress