Lucene search
+L

5 matches found

NVD
NVD
added 2025/01/21 5:15 a.m.16 views

CVE-2024-13536

The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. This is due the /inc/class/fnm/export.php file being publicly accessible with error logging enabled. This makes it possible for unauthenticated attackers to retriev...

5.3CVSS0.00372EPSS
Exploits0References2
Circl
Circl
added 2025/01/21 4:26 a.m.5 views

CVE-2024-13536

creationtimestamp| type| source ---|---|--- 2025-01-21 04:26:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113864448812079089 2025-01-21 05:01:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2376 2025-01-21 05:15:26+00:00| seen|...

5.3CVSS6.7AI score0.00372EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/01/21 4:20 a.m.5 views

CVE-2024-13536 1003 Mortgage Application <= 1.87 - Unauthenticated Full Path Disclosure

The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. This is due the /inc/class/fnm/export.php file being publicly accessible with error logging enabled. This makes it possible for unauthenticated attackers to retriev...

5.3CVSS6.5AI score0.00372EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/21 4:20 a.m.23 views

CVE-2024-13536 1003 Mortgage Application <= 1.87 - Unauthenticated Full Path Disclosure

The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. This is due the /inc/class/fnm/export.php file being publicly accessible with error logging enabled. This makes it possible for unauthenticated attackers to retriev...

5.3CVSS0.00372EPSS
Exploits0References2
CVE
CVE
added 2025/01/21 4:20 a.m.62 views

CVE-2024-13536

CVE-2024-13536 affects the WordPress plugin “1003 Mortgage Application” (versions up to 1.87). The vulnerability is a Full Path Disclosure caused by the publicly accessible /inc/class/fnm/export.php when error logging is enabled, enabling unauthenticated attackers to retrieve the webapp’s full pa...

5.3CVSS5.1AI score0.00372EPSS
Exploits0References2
Rows per page
Query Builder