Vulnerability Details CVE-2019-14682
The acf-better-search (aka ACF: Better Search) plugin before 3.3.1 for WordPress allows wp-admin/options-general.php?page=acfbs_admin_page CSRF.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.7%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.3
References
- https://wordpress.org/plugins/acf-better-search/#developers
- https://wpvulndb.com/vulnerabilities/9399
- https://www.pluginvulnerabilities.com/2019/06/26/cross-site-request-forgery-csrf-settings-change-vulnerability-in-acf-better-search/
- https://wordpress.org/plugins/acf-better-search/#developers
- https://wpvulndb.com/vulnerabilities/9399
- https://www.pluginvulnerabilities.com/2019/06/26/cross-site-request-forgery-csrf-settings-change-vulnerability-in-acf-better-search/
Products affected by CVE-2019-14682
-
cpe:2.3:a:acf:_better_search_project:acf