← volver
CVE-2023-6077

Slider - Ultimate Responsive Image Slider < 3.5.12 - Subscriber+ Arbitrary Post Access

EPSS 0.7%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
18 dic 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The Slider WordPress plugin before 3.5.12 does not ensure that posts to be accessed via an AJAX action are slides and can be viewed by the user making the request, allowing any authenticated users, such as subscriber to access the content arbitrary post such as private, draft and password protected
Productos afectados
Unknown · Slider