CVE-2021-25059

CVE-2021-25059

The Download Plugin WordPress plugin before 2.0.0 does not properly validate a user has the required privileges to access a backup’s nonce identifier, which may allow any users with an account on the site (such as subscriber) to download a full copy of the website.

Source: CVE-2021-25059

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다