Descrição
An issue was discovered in the IMPress for IDX Broker plugin before 2.6.2 for WordPress. wrappers.php allows a logged-in user (with the Subscriber role) to permanently delete arbitrary posts and pages, create new posts with arbitrary subjects, and modify the subjects of existing posts and pages (via create_dynamic_page and delete_dynamic_page).
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2020-9514
Tags
Nâo informado
Data de publicação
07/04/2020
Última atualização
08/12/2024
Pontuação em CVSS 3.0
6.5
Médio