Lucene search

K
nvd[email protected]NVD:CVE-2023-6383
HistoryJan 08, 2024 - 7:15 p.m.

CVE-2023-6383

2024-01-0819:15:10
CWE-862
web.nvd.nist.gov
1
debug log manager
plugin
directory listing
unauthorized access
sensitive data

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

36.0%

The Debug Log Manager WordPress plugin before 2.3.0 contains a Directory listing vulnerability was discovered, which allows you to download the debug log without authorization and gain access to sensitive data

Affected configurations

NVD
Node
bowodebug_log_managerRange<2.3.0wordpress

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

36.0%

Related for NVD:CVE-2023-6383