4 matches found
CVE-2024-6562 affiliate-toolkit <= 3.5.5 - Unauthenticated Full Path Dislcosure
The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.5. This is due displayerrors being set to true . This makes it possible for unauthenticated attackers to retrieve the full path of the web...
CVE-2024-6562 affiliate-toolkit <= 3.5.5 - Unauthenticated Full Path Dislcosure
The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.5. This is due displayerrors being set to true . This makes it possible for unauthenticated attackers to retrieve the full path of the web...
CVE-2024-6562
CVE-2024-6562 concerns the affiliate-toolkit – WordPress Affiliate Plugin for WordPress. The vulnerability is a Full Path Disclosure present in all versions up to and including 3.5.5, caused by display_errors being set to true. This allows unauthenticated attackers to retrieve the full path of th...
WordPress affiliate-toolkit Plugin <= 3.5.5 is vulnerable to Sensitive Data Exposure
Software affiliate-toolkit Type Plugin Vulnerable versions = 3.5.5 Fixed in 3.6 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6562 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5b7ee2241ccc Credits stealthcopter Required...