2 matches found
CVE-2024-6687 CTT Expresso para WooCommerce <= 3.2.12 - Information Exposure via Unprotected Directory
The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information exposure in all versions up to and including 3.2.12 via the /wp-content/uploads/cepw directory. The generated .pdf and log files are publicly accessible and contain sensitive information such as sender a...
WordPress CTT Expresso para WooCommerce Plugin <= 3.2.12 is vulnerable to Sensitive Data Exposure
Software CTT Expresso para WooCommerce Type Plugin Vulnerable versions = 3.2.12 Fixed in 3.2.13 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6687 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 27468c538b68 Credits Ricardo...