CNNVD-202512-3020 Information
CNNVD ID
CNNVD-202512-3020
Related CVE
- CNNVD Published: 2025-12-16
Description (Chinese)
ws等都是(WebSockets)开源的产品。ws是一个 Node.js WebSocket 库。FreeBSD ctl等都是(FreeBSD)基金会的产品。ctl是一个工具。R infrastructure gh等都是(R infrastructure)开源的产品。gh是一个GitHub的API库。 WordPress plugin Essential Real Estate 5.2.2及之前版本存在安全漏洞,该漏洞源于用户控制密钥导致授权绕过,可能利用错误配置的访问控制安全级别。
Description (English)
Ws are all open-source products. Ws is a Node.js WebSocket library. FreeBSD ctl etc. are the products of FreeBSD. Ctl is a tool. R infrastructure gh etc. are open-source products. gh is a Github API library. WordPress Plugin Essential Real State 5.2.2 and previous versions had a security loophole, which originated from a user control key that led to a circumvention of the authorization, possibly using the wrong configuration to control the security level of access.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
WordPress
Published
2025-12-16
Last Modified
2026-02-24