CVE-2020-9043

Exploit

wpCentral <= 1.5.0 - Improper Access Control to Privilege Escalation

The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key.

Mögliche Gegenmaßnahme

wpCentral: Update to version 1.5.1, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt wpCentral

Version * - 1.5.0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Wpcentral ≫ Wpcentral SwPlatformwordpress Version < 1.5.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	29.55%	0.964

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Patch

Third Party Advisory

Release Notes

Release Notes

Third Party Advisory

Exploit

Third Party Advisory

CVE Source (NVD)

CVE Source (JSON)

EUVD