Lucene search
K

4 matches found

Patchstack
Patchstack
added 2024/07/29 12:0 a.m.10 views

WordPress Admin Post Navigation Plugin <= 2.1 is vulnerable to Sensitive Data Exposure

Software Admin Post Navigation Type Plugin Vulnerable versions = 2.1 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6549 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID d9b047850a91 Credits stealthcopter Required...

5.3CVSS6.6AI score0.00423EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/07/27 1:51 a.m.45 views

CVE-2024-6549

CVE-2024-6549 (Admin Post Navigation, WordPress) enables unauthenticated full path disclosure in all versions up to 2.1 due to bootstrap usage and test files with display_errors enabled. This Information Exposure is not by itself destructive but can aid other attacks; exploitation requires anothe...

5.3CVSS5.2AI score0.00423EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/27 1:51 a.m.15 views

CVE-2024-6549 Admin Post Navigation <= 2.1 - Unauthenticated Full Path Disclosure

The Admin Post Navigation plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full pat...

5.3CVSS6.6AI score0.00423EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/27 1:51 a.m.36 views

CVE-2024-6549 Admin Post Navigation <= 2.1 - Unauthenticated Full Path Disclosure

The Admin Post Navigation plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full pat...

5.3CVSS0.00423EPSS
Exploits0References2
Rows per page
Query Builder