3 matches found
WordPress Add Admin CSS Plugin <= 2.0.1 is vulnerable to Sensitive Data Exposure
Software Add Admin CSS Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6547 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 61a3002a46fe Credits stealthcopter Required privile...
CVE-2024-6547 Add Admin CSS <= 2.0.1 - Unauthenticated Full Path Dislcosure
The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of t...
CVE-2024-6547
CVE-2024-6547 affects the Add Admin CSS plugin for WordPress (versions up to and including 2.0.1). The issue is Full Path Disclosure caused by the plugin using bootstrap and leaving test files with display_errors on, enabling unauthenticated access to the web app’s full filesystem path. The discl...