CVE-2020-12073 CRITICAL

CVE-2020-12073

Vendor N/A
Product n/a
Published April 23, 2020
Last update August 4, 2024

CVSS base score

9.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.0/AC:L/AV:N/A:L/C:L/I:H/PR:L/S:C/UI:N

What the vulnerability does

01Description

The responsive-add-ons plugin before 2.2.7 for WordPress has incorrect access control for wp-admin/admin-ajax.php?action= requests.

Key dates

02Disclosure timeline

April 23, 2020 CVE published
August 4, 2024 Record updated