2 matches found
CVE-2024-6567 Ebook Store <= 5.8001 - Unauthenticated Full Path Disclosure
The Ebook Store plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 5.8001. This is due to the plugin utilizing fpdi-protection and not preventing direct access to test files that have displayerrors set to true. This makes it possible for unauthenticat...
WordPress Ebook Store Plugin <= 5.8001 is vulnerable to Sensitive Data Exposure
Software Ebook Store Type Plugin Vulnerable versions = 5.8001 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6567 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4d20c9d6d85a Credits stealthcopter Required privileg...