2 matches found
WordPress Intelligence Plugin <= 1.4.0 is vulnerable to Sensitive Data Exposure
Software Intelligence Type Plugin Vulnerable versions = 1.4.0 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6573 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID bdfe8c7e8b17 Credits stealthcopter Required privileg...
CVE-2024-6573
CVE-2024-6573 affects the WordPress Intelligence plugin and describes a Full Path Disclosure vulnerability in all versions up to and including 1.4.0. The issue arises because the plugin does not block direct access to /vendor/levelten/intel/realtime/index.php and because display_errors is enabled...