Detections
Analytics

CVE-2019-16251

medium

Description

plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.

References

https://wpvulndb.com/vulnerabilities/9932

https://blog.nintechnet.com/authenticated-settings-change-vulnerability-in-yit-plugin-framework/

Details

Source: Mitre, NVD

Published: 2019-10-31

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00505