4 matches found
CVE-2024-6546
The One Click Close Comments plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.7.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the ful...
CVE-2024-6546
CVE-2024-6546 affects One Click Close Comments for WordPress (
CVE-2024-6546 One Click Close Comments <= 2.7.1 - Unauthenticated Full Path Disclosure
The One Click Close Comments plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.7.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the ful...
PT-2024-37703 · WordPress · One Click Close Comments
Name of the Vulnerable Software and Affected Versions: One Click Close Comments plugin for WordPress versions up to and including 2.7.1 Description: The issue is related to Full Path Disclosure, which occurs because the plugin uses bootstrap and leaves test files with display errors on. This allo...