CVE-2023-6384 - CERT CVE

  1. CVE-2023-6384

ID CVE-2023-6384
Sažetak The WP User Profile Avatar WordPress plugin before 1.0.1 does not properly check for authorisation, allowing authors to delete and update arbitrary avatar
Reference
CVSS
Base: 4.3
Impact: 1.4
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
NONE LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Zadnje važnije ažuriranje 11-06-2025 - 17:15
Objavljeno 22-01-2024 - 20:15