CVE-2023-6139
Essential Real Estate < 4.4.0 - Subscriber+ Denial of Service via Arbitrary Option Update
The Essential Real Estate WordPress plugin before 4.4.0 does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Denial of Service attacks.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Unknown · Essential Real Estate¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →