Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import.
References
Link | Resource |
---|---|
https://blog.nintechnet.com/unauthenticated-options-import-vulnerability-in-wordpress-ultimate-faq-plugin/ | Exploit Third Party Advisory |
https://wordpress.org/plugins/ultimate-faqs/#developers | Product Release Notes |
https://wpvulndb.com/vulnerabilities/9883 | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2019-10-07 23:15
Updated : 2024-02-28 17:28
NVD link : CVE-2019-17232
Mitre link : CVE-2019-17232
CVE.ORG link : CVE-2019-17232
JSON object : View
Products Affected
etoilewebdesign
- ultimate_faq
CWE
CWE-306
Missing Authentication for Critical Function