CVE-2022-3930

Sažetak

The Directorist WordPress plugin before 7.4.2.2 suffers from an IDOR vulnerability which an attacker can exploit to change the password of arbitrary users instead of his own.

Reference

https://wpscan.com/vulnerability/8728d02a-51db-4447-a843-0264b6ceb413
https://wpscan.com/vulnerability/8728d02a-51db-4447-a843-0264b6ceb413

CVSS

Base:	6.5
Impact:	3.6
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	HIGH	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Zadnje važnije ažuriranje

22-04-2025 - 18:15

Objavljeno

12-12-2022 - 18:15