Lucene search

[email protected]NVD:CVE-2023-6592

HistoryJan 16, 2024 - 4:15 p.m.

CVE-2023-6592

2024-01-1616:15:13

[email protected]

web.nvd.nist.gov

wordpress plugin

directory listing

sensitive directories

export files

vulnerability

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.0005 Low

EPSS

Percentile

17.0%

JSON

The FastDup WordPress plugin before 2.2 does not prevent directory listing in sensitive directories containing export files.

Affected configurations

NVD

Node

ninjateamfastdupRange<2.2wordpress

References

research.cleantalk.org/cve-2023-6592-fastdup-database-users-password-leak-poc-exploit/

wpscan.com/vulnerability/a39bb807-b143-4863-88ff-1783e407d7d4/

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.0005 Low

EPSS

Percentile

17.0%

JSON

Related for NVD:CVE-2023-6592

cvelist1 wpexploit1 cve1 wpvulndb1 prion1 wordfence1