Vulnerability Details CVE-2021-37598
WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.057
EPSS Ranking 90.3%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- https://github.com/fireeye/Vulnerability-Disclosures
- https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0024/FEYE-2021-0024.md
- https://github.com/fireeye/Vulnerability-Disclosures
- https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0024/FEYE-2021-0024.md