CVE-2020-35773

HIGH WAF: Low
CVSS 8.8 Published: 2020-12-29
CWE-352

The site-offline plugin before 1.4.4 for WordPress lacks certain wp_create_nonce and wp_verify_nonce calls, aka CSRF.

WAF Coverage Analysis

Cross-Site Request Forgery (CSRF) Low WAF Coverage

OWASP: A01:2021 Broken Access Control

Affected Software

VendorProductVersion
freehtmldesignssite_offlineup to 1.4.4

References

Back to CVE Database