CVE-2019-14773 Information

Description

admin/includes/class.actions.snippet.php in the \Woody ad snippets\ plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action=close&post= deletion.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Reference

https://wordpress.org/plugins/insert-php/developers https://www.pluginvulnerabilities.com/2019/08/01/post-deletion-vulnerability-in-woody-ad-snippets/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

7.5