daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2023-6389.yaml

patch-2
Ritik Chaddha 2024-05-06 08:18:41 +05:30 committed by GitHub
parent 6b92f9d9f0
commit eb9c8c312e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
http/cves/2023/ CVE-2023-6389.yaml
View File

@ -7,8 +7,8 @@ info:
description: |
The plugin redirects to any URL via the "wptbto" parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2023-6389
- https://wpscan.com/vulnerability/04dafc55-3a8d-4dd2-96da-7a8b100e5a81/
- https://nvd.nist.gov/vuln/detail/CVE-2023-6389
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -18,10 +18,12 @@ info:
epss-percentile: 0.40297
cpe: cpe:2.3:a:abhinavsingh:wordpress_toolbar:*:*:*:*:*:*:wordpress:*
metadata:
verified: true
max-request: 1
vendor: abhinavsingh
product: wordpress_toolbar
max-request: 1
tags: cve,cve2023,wordpress,wp-plugin,wordpress-toolbar,wp
publicwww-query: "/wp-content/plugins/wordpress-toolbar/"
tags: cve,cve2023,wordpress,wp-plugin,wordpress-toolbar,wp,redirect
http:
- method: GET