PT-2019-12543 · Waspthemes · Waspthemes Visual Css Style Editor

Publicado

2019-05-13

Atualizado

2019-05-15

CVE-2019-11886

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions WaspThemes Visual CSS Style Editor plugin versions prior to 7.2.1

Description The issue allows for a CSRF attack, potentially granting admin access through the use of yp remote get.

Recommendations For versions prior to 7.2.1, update to version 7.2.1 or later to resolve the issue.

Exploit

Correção

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2019-11886

Waspthemes Visual Css Style Editor