5 matches found
CVE-2024-13536
The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. This is due the /inc/class/fnm/export.php file being publicly accessible with error logging enabled. This makes it possible for unauthenticated attackers to retriev...
CVE-2024-13536
creationtimestamp| type| source ---|---|--- 2025-01-21 04:26:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113864448812079089 2025-01-21 05:01:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2376 2025-01-21 05:15:26+00:00| seen|...
CVE-2024-13536 1003 Mortgage Application <= 1.87 - Unauthenticated Full Path Disclosure
The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. This is due the /inc/class/fnm/export.php file being publicly accessible with error logging enabled. This makes it possible for unauthenticated attackers to retriev...
CVE-2024-13536 1003 Mortgage Application <= 1.87 - Unauthenticated Full Path Disclosure
The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. This is due the /inc/class/fnm/export.php file being publicly accessible with error logging enabled. This makes it possible for unauthenticated attackers to retriev...
CVE-2024-13536
CVE-2024-13536 affects the WordPress plugin “1003 Mortgage Application” (versions up to 1.87). The vulnerability is a Full Path Disclosure caused by the publicly accessible /inc/class/fnm/export.php when error logging is enabled, enabling unauthenticated attackers to retrieve the webapp’s full pa...