The EazyDocs WordPress plugin before 2.4.0 re-introduced CVE-2023-6029 (https://wpscan.com/vulnerability/7a0aaf85-8130-4fd7-8f09-f8edc929597e/) in 2.3.8, allowing any authenticated users, such as subscriber to delete arbitrary posts, as well as add and delete documents/sections. The issue was partially fixed in 2.3.9.
Metrics
Affected Vendors & Products
References
History
Wed, 09 Oct 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Spider-themes
Spider-themes eazydocs |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:spider-themes:eazydocs:*:*:*:*:*:wordpress:*:* | |
Vendors & Products |
Spider-themes
Spider-themes eazydocs |
|
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2024-02-12T16:05:59.465Z
Updated: 2024-08-01T17:41:16.584Z
Reserved: 2024-01-05T13:31:32.604Z
Link: CVE-2024-0248
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-02-12T16:15:08.443
Modified: 2024-11-21T08:46:08.790
Link: CVE-2024-0248
Redhat
No data.