3 matches found
CVE-2024-6560
The Addonify – Quick View For WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.16. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for unauthenticated attackers to...
WordPress Addonify Plugin <= 1.2.16 is vulnerable to Sensitive Data Exposure
Software Addonify Type Plugin Vulnerable versions = 1.2.16 Fixed in 1.2.17 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6560 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID d0b06da3556d Credits stealthcopter Required privileg...
CVE-2024-6560 Addonify – Quick View For WooCommerce <= 1.2.16 - Unauthenticated Full Path Dislcosure
The Addonify – Quick View For WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.16. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for unauthenticated attackers to...