Vulnerability Details CVE-2020-14205
The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form because it fails to perform authorization checks. An attacker may leverage this issue to manipulate the integrity of dive logs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.9%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2020-14205
-
cpe:2.3:a:divebook_project:divebook:1.1.4