7.2

CVE-2022-38104

WordPress Accordions plugin <= 2.0.3 - Auth. WordPress Options Change vulnerability

Accordions – Multiple Accordions or FAQs Builder <= 2.0.3 - Authenticated Arbitrary Options Update

Auth. WordPress Options Change (siteurl, users_can_register, default_role, admin_email and new_admin_email) vulnerability in Biplob Adhikari's Accordions – Multiple Accordions or FAQs Builder plugin (versions <= 2.0.3 on WordPress.
Mögliche Gegenmaßnahme
Accordion – Multiple Accordion or FAQs Builder: Update to version 2.1.0, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OxilabAccordions SwPlatformwordpress Version < 2.1.0
Weitere Schwachstelleninformationen
SystemWordPress Plugin
Produkt Accordion – Multiple Accordion or FAQs Builder
Version *-2.0.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.88% 0.544
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 1.2 5.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
audit@patchstack.com 7.2 1.2 5.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://wordpress.org/plugins/accordions-or-faqs/#developers
Third Party Advisory
Product
https://patchstack.com/database/vulnerability/accordions-or-faqs/wordpress-accordions-plugin-2-0-3-authenticated-wordpress-options-change-vulnerability?_s_id=cve
Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/ee213b2c-b59d-4563-98d1-a26b1e8e13a7
Third Party Advisory