Vulnerability Details CVE-2014-3844
The TinyMCE Color Picker plugin before 1.2 for WordPress does not properly check permissions, which allows remote attackers to modify plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.9%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2014-3844
-
cpe:2.3:a:tinymce:color_picker:*
-
cpe:2.3:a:wordpress:wordpress:-