Boletines de Vulnerabilidades

Easily Exploitable Vulnerabilities Patched in WP Database Reset Plugin


Información sobre el sistema

   
Software afectado Wordpress

Descripción

https://www.wordfence.com/blog/2020/01/easily-exploitable-vulnerabilities-patched-in-wp-database-reset-plugin/ On January 7th, our Threat Intelligence team discovered vulnerabilities in WP Database Reset, a WordPress plugin installed on over 80,000 websites. One of these flaws allowed any unauthenticated user to reset any table from the database to the initial WordPress set-up state, while the other flaw allowed any authenticated user, even those with minimal […]

More info:

https://www.wordfence.com/blog/2020/01/easily-exploitable-vulnerabilities-patched-in-wp-database-reset-plugin/

Identificadores estándar

Propiedad Valor
CVE CVE-2020-7048 and CVE-2020-7047.

Histórico de versiones

Versión Comentario Data
1.0 Advisory issued 2020-01-18
Ministerio de Defensa
CNI
CCN
CCN-CERT