Vulnerability Details CVE-2021-37598
WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.7%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- https://github.com/fireeye/Vulnerability-Disclosures
- https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0024/FEYE-2021-0024.md
- https://github.com/fireeye/Vulnerability-Disclosures
- https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0024/FEYE-2021-0024.md