Lucene search
K

4 matches found

Nuclei
Nuclei
added 12 hours ago11 views

WP Popups - Information Disclosure

WP Popups - WordPress Popup builder plugin for WordPress contains a full path disclosure caused by using mobiledetect without access restrictions, letting unauthenticated attackers retrieve server paths, exploit requires no specific conditions. id: CVE-2024-6555 info: name: WP Popups - Informatio...

5.3CVSS5.8AI score0.00927EPSS
Exploits0References4
Circl
Circl
added 2024/07/12 9:23 a.m.5 views

CVE-2024-6555

creationtimestamp| type| source ---|---|--- 2024-07-12 09:23:09+00:00| seen| https://t.me/cvedetector/703 2025-12-02 07:41:11+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-6555.yaml 2025-12-02 21:02:32+00:00| seen|...

5.3CVSS4.8AI score0.00927EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/12 5:32 a.m.33 views

CVE-2024-6555 WP Popups – WordPress Popup builder <= 2.2.0.1 - Unauthenticated Full Path Disclosure

The WP Popups – WordPress Popup builder plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.0.1. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for unauthenticated attackers to...

5.3CVSS0.00927EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/07/12 12:0 a.m.11 views

WordPress WP Popups Plugin <= 2.2.0.1 is vulnerable to Full Path Disclosure (FPD)

Software WP Popups Type Plugin Vulnerable versions = 2.2.0.1 Fixed in 2.2.0.2 OWASP Top 10 A5: Security Misconfiguration Classification Full Path Disclosure FPD CVE CVE-2024-6555 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 91f90e97fc95 Credits stealthcopter Required...

5.3CVSS6.6AI score0.00927EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder