Lucene search
K

6 matches found

GithubExploit
GithubExploit
added 2024/10/11 9:17 a.m.565 views

Exploit for Path Traversal in Kau-Boys Hello_World

CVE-2024-9224 Hello World = 2.1.1 - Authenticated Subscri...

6.5CVSS6.2AI score0.0146EPSS
Exploits1
OSV
OSV
added 2024/10/01 9:15 a.m.5 views

CVE-2024-9224

The Hello World plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up to, and including, 2.1.1 via the helloworldlyric function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the...

6.5CVSS5.9AI score
Exploits0References3
CVE
CVE
added 2024/10/01 8:30 a.m.56 views

CVE-2024-9224

CVE-2024-9224 corresponds to the WordPress Hello World plugin (<= v2.1.1) Arbitrary File Read. The vulnerability is triggered via the hello_world_lyric() function, allowing authenticated users with subscriber-level access or higher to read arbitrary server files containing sensitive informatio...

6.5CVSS6.5AI score0.0146EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/10/01 8:30 a.m.27 views

CVE-2024-9224 Hello World <= 2.1.1 - Authenticated (Subscriber+) Arbitrary File Read

The Hello World plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up to, and including, 2.1.1 via the helloworldlyric function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the...

6.5CVSS0.0146EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/10/01 8:30 a.m.15 views

CVE-2024-9224 Hello World <= 2.1.1 - Authenticated (Subscriber+) Arbitrary File Read

The Hello World plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up to, and including, 2.1.1 via the helloworldlyric function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the...

6.5CVSS6.5AI score0.0146EPSS
Exploits1References4
Patchstack
Patchstack
added 2024/10/01 12:0 a.m.20 views

WordPress Hello World Plugin <= 2.1.1 is vulnerable to Arbitrary File Download

Software Hello World Type Plugin Vulnerable versions = 2.1.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Download CVE CVE-2024-9224 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 936cc3342bfb Credits yudha Required privilege...

6.5CVSS6.5AI score0.0146EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder