CVE-2017-1002006

CVE-2017-1002006

EPSS 3.2%

Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_contact.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table.

Productos afectados

ITFlux · DTracker

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://wordpress.org/plugins/dtracker/http://www.securityfocus.com/bid/96890 http://www.vapidlabs.com/advisory.php?v=186