Lucene search

[email protected]NVD:CVE-2024-32523

HistoryMay 17, 2024 - 9:15 a.m.

CVE-2024-32523

2024-05-1709:15:38

CWE-22

[email protected]

web.nvd.nist.gov

cve-2024-32523

improper limitation

path traversal

everpress mailster

php local file inclusion

security vulnerability

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L

0.0004 Low

EPSS

Percentile

10.5%

JSON

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in EverPress Mailster allows PHP Local File Inclusion.This issue affects Mailster: from n/a through 4.0.6.

References

patchstack.com/database/vulnerability/mailster/wordpress-mailster-plugin-4-0-6-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L

0.0004 Low

EPSS

Percentile

10.5%

JSON

Related for NVD:CVE-2024-32523

githubexploit1 cve1 vulnrichment1 wpvulndb1 cvelist1 wordfence1