Vulnerability   
Search   
    Search 187964 CVE descriptions
and 85075 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.112732
Category:Web application abuses
Title:WordPress Responsive Ready Sites Importer Plugin < 2.2.6 IAC Vulnerability
Summary:Responsive Ready Sites Importer plugin for WordPress is prone to an incorrect access control (IAC) vulnerability.
Description:Summary:
Responsive Ready Sites Importer plugin for WordPress is prone to an incorrect access control (IAC) vulnerability.

Vulnerability Impact:
Successful exploitation would allow an authenticated user, regardless of privilege level,
the ability to execute various AJAX actions that could reset site data, inject malicious JavaScript in pages, modify theme
customizer data, import .xml and .json files, and activate plugins, among many other actions.

Affected Software/OS:
WordPress Responsive Ready Sites Importer plugin before version 2.2.6.

Solution:
Update to version 2.2.6 or later.

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-12073
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.