2 matches found
CVE-2024-6544 Custom Post Limits <= 4.4.1 - Unauthenticated Full Path Disclosure
The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions up to, and including, 4.4.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path...
WordPress Custom Post Limits Plugin <= 4.4.1 is vulnerable to Full Path Disclosure (FPD)
Software Custom Post Limits Type Plugin Vulnerable versions = 4.4.1 Fixed in N/A OWASP Top 10 A5: Security Misconfiguration Classification Full Path Disclosure FPD CVE CVE-2024-6544 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 71ab81c6724d Credits stealthcopter Required...