Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2020-26596 | First vendor Publication | 2020-10-07 |
Vendor | Cve | Last vendor Modification | 2021-07-21 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 8.8 | ||
Base Score | 8.8 | Environmental Score | 8.8 |
impact SubScore | 5.9 | Temporal Score | 8.8 |
Exploitabality Sub Score | 2.8 | ||
Attack Vector | Network | Attack Complexity | Low |
Privileges Required | Low | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
The Dynamic OOO widget for the Elementor Pro plugin through 3.0.5 for WordPress allows remote authenticated users to execute arbitrary code because only the Editor role is needed to upload executable PHP code via the PHP Raw snippet. NOTE: this issue can be mitigated by removing the Dynamic OOO widget or by restricting availability of the Editor role. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26596 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-269 | Improper Privilege Management |
CPE : Common Platform Enumeration
Sources (Detail)
Source | Url |
---|---|
MISC | https://elementor.com/pro/changelog/ https://ww2.compunet.cl/dia-cero-en-plugin-de-wordpres-detectada-compunet-red... |
Alert History
Date | Informations |
---|---|
2024-02-02 02:15:25 |
|
2024-02-01 12:20:37 |
|
2023-09-05 13:09:52 |
|
2023-09-05 01:20:14 |
|
2023-09-02 13:08:41 |
|
2023-09-02 01:20:31 |
|
2023-08-12 13:13:25 |
|
2023-08-12 01:19:46 |
|
2023-08-11 13:06:28 |
|
2023-08-11 01:20:25 |
|
2023-08-06 13:04:44 |
|
2023-08-06 01:19:36 |
|
2023-08-04 13:05:05 |
|
2023-08-04 01:19:53 |
|
2023-07-14 13:05:05 |
|
2023-07-14 01:19:44 |
|
2023-06-14 01:53:00 |
|
2023-03-29 02:07:42 |
|
2023-03-28 12:19:58 |
|
2023-03-02 01:54:41 |
|
2022-10-11 12:58:05 |
|
2022-10-11 01:19:33 |
|
2021-08-05 01:38:21 |
|
2021-07-21 17:23:20 |
|
2020-12-30 21:23:19 |
|
2020-10-17 00:22:59 |
|
2020-10-07 21:23:12 |
|