CVE-2024-6568

The Flamix: Bitrix24 and Contact Form 7 integrations plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.1.0. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for unauthenticated...

CVE-2024-6568

CVE-2024-6568 affects Flamix: Bitrix24 and Contact Form 7 integrations plugin for WordPress (versions ≤ 3.1.0). It exposes Full Path Disclosure due to mobiledetect access not being restricted, enabling unauthenticated retrieval of the web root path. This is a low- to medium-severity issue (CVSS v...

WordPress plugin Flamix 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-37724 · WordPress +1 · The Flamix +1

Name of the Vulnerable Software and Affected Versions: The Flamix: Bitrix24 and Contact Form 7 integrations plugin for WordPress versions up to, and including, 3.1.0 Description: The plugin is vulnerable to Full Path Disclosure due to its utilization of mobiledetect without preventing direct acce...