CVE-2022-3930
Directorist < 7.4.2.2 - Subscriber+ Arbitrary User Password Update via IDOR
The Directorist WordPress plugin before 7.4.2.2 suffers from an IDOR vulnerability which an attacker can exploit to change the password of arbitrary users instead of his own.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Produtos afetados
Unknown · DirectoristQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →