Vulnerability Details CVE-2017-1002000
Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.643
EPSS Ranking 98.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/bid/96899
- http://www.securityfocus.com/bid/96905
- http://www.vapidlabs.com/advisory.php?v=179
- https://wordpress.org/plugins-wp/mobile-friendly-app-builder-by-easytouch/
- https://www.exploit-db.com/exploits/41540/
- http://www.securityfocus.com/bid/96899
- http://www.securityfocus.com/bid/96905
- http://www.vapidlabs.com/advisory.php?v=179
- https://wordpress.org/plugins-wp/mobile-friendly-app-builder-by-easytouch/
- https://www.exploit-db.com/exploits/41540/
Products affected by CVE-2017-1002000
-
Mobile-Friendly-App-Builder-By-Easytouch Project » Mobile-Friendly-App-Builder-By-Easytouch » Version: 3.0cpe:2.3:a:mobile-friendly-app-builder-by-easytouch_project:mobile-friendly-app-builder-by-easytouch:3.0