4 matches found
CVE-2024-8352
CVE-2024-8352 affects the WordPress plugin Social Web Suite – Social Media Auto Post, Social Media Auto Publish up to version 4.1.11. It is a Directory Traversal vulnerability exploitable via the download_log function, allowing unauthenticated attackers to read arbitrary server files. Reports acr...
CVE-2024-8352 Social Web Suite – Social Media Auto Post, Social Media Auto Publish <= 4.1.11 - Directory Traversal to Arbitrary File Download
The Social Web Suite – Social Media Auto Post, Social Media Auto Publish plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.1.11 via the downloadlog function. This makes it possible for unauthenticated attackers to read the contents of arbitrary file...
CVE-2024-8352 Social Web Suite – Social Media Auto Post, Social Media Auto Publish <= 4.1.11 - Directory Traversal to Arbitrary File Download
The Social Web Suite – Social Media Auto Post, Social Media Auto Publish plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.1.11 via the downloadlog function. This makes it possible for unauthenticated attackers to read the contents of arbitrary file...
WordPress Social Web Suite Plugin <= 4.1.11 is vulnerable to Arbitrary File Download
Software Social Web Suite Type Plugin Vulnerable versions = 4.1.11 Fixed in 4.1.12 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Download CVE CVE-2024-8352 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 9b823a04681b Credits Thanh Nam Tran Required...