CVE-2016-10968

MEDIUM

Description

The peepso-core plugin before 1.6.1 for WordPress has PeepSoProfilePreferencesAjax->save() privilege escalation.

References

http://www.pritect.net/blog/peepso-1-6-0-logged-user-privilege-escalation

https://wordpress.org/plugins/peepso-core/#developers

Details

Source: MITRE

Published: 2019-09-16

Updated: 2019-09-18

Type: CWE-269

Risk Information

CVSS v2.0

Base Score: 6.5

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8

Severity: MEDIUM