CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-1000507

WP User Groups version 2.0.0 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page that can result in allows anybody to modify user groups and types. This attack appear to be exploitable via Admin must click on link. This vulnerability appears to have been fixed in 2.1.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.3%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

https://advisories.dxw.com/advisories/csrf-wp-user-groups/
https://advisories.dxw.com/advisories/csrf-wp-user-groups/

Products affected by CVE-2018-1000507

Jjj » Wp User Groups » Version: 2.0.0

cpe:2.3:a:jjj:wp_user_groups:2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000507

Products

Pricing

Contact Us