CVE-2019-20203

Medium

The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From…

mitre·CWE-290·Published 2020-01-01

CVSS

5.3

EPSS

0.02

KEV

Exploits

cve.orgen

169 chars

The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message.

NVDen

169 chars

The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message.

La funcionalidad Authorized Addresses en el plugin Postie versión 1.9.40 para WordPress, permite a atacantes remotos realizar publicaciones falsificando la información From de un mensaje de correo electrónico.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N