CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-1000505

Tooltipy (tooltips for WP) version 5 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page that can result in could allow anybody to duplicate posts. This attack appear to be exploitable via Admin must follow a link. This vulnerability appears to have been fixed in 5.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.0%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

https://advisories.dxw.com/advisories/csrf-in-tooltipy/
https://advisories.dxw.com/advisories/csrf-in-tooltipy/

Products affected by CVE-2018-1000505

Tooltipy » Tooltipy » Version: 5.0

cpe:2.3:a:tooltipy:tooltipy:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000505

Products

Pricing

Contact Us