2 matches found
WordPress Admin Trim Interface Plugin <= 3.5.1 is vulnerable to Sensitive Data Exposure
Software Admin Trim Interface Type Plugin Vulnerable versions = 3.5.1 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6545 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4e884f0bbd90 Credits stealthcopter Required...
CVE-2024-6545 Admin Trim Interface <= 3.5.1 - Unauthenticated Full Path Disclosure
The Admin Trim Interface plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full pa...