The ListingPro - WordPress Directory... CVE-2020-36719

- AV AC AU C I A
发布: 2023-06-07
修订: 2024-11-21

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lp_cc_addons_actions function. This makes it possible for unauthenticated attackers to arbitrarily install, activate and deactivate any plugin.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息