CVE-2024-5481 (GCVE-0-2024-5481)
Vulnerability from cvelistv5 – Published: 2024-06-07 09:33 – Updated: 2024-08-01 21:11
VLAI?
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors.
Severity ?
6.8 (Medium)
CWE
- CWE-35 Path Traversal - '.../...//'
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Affected:
* , ≤ 1.8.23
(semver)
|
Credits
Tobias Weißhaar
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5481",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T18:35:17.646938Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T18:36:39.514Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:11:12.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098798/"
},
{
"tags": [
"x_transferred"
],
"url": "https://wordpress.org/plugins/photo-gallery/#developers"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.8.23",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tobias Wei\u00dfhaar"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-35 Path Traversal: \u0027.../...//\u0027",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T09:33:36.357Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178"
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512"
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098798/"
},
{
"url": "https://wordpress.org/plugins/photo-gallery/#developers"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-06T21:19:21.000+00:00",
"value": "Disclosed"
}
],
"title": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery \u003c= 1.8.23 - Authenticated (Contributor+) Path Traversal via esc_dir Function"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-5481",
"datePublished": "2024-06-07T09:33:36.357Z",
"dateReserved": "2024-05-29T18:04:13.803Z",
"dateUpdated": "2024-08-01T21:11:12.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*\", \"versionEndExcluding\": \"1.8.24\", \"matchCriteriaId\": \"974320E7-18AE-4738-BE29-52AF8BDA52EE\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The Photo Gallery by 10Web \\u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors.\"}, {\"lang\": \"es\", \"value\": \"El complemento Photo Gallery by 10Web \\u2013 Mobile-Friendly Image Gallery para WordPress es vulnerable a Path Traversal en todas las versiones hasta la 1.8.23 incluida a trav\\u00e9s de la funci\\u00f3n esc_dir. Esto hace posible que atacantes autenticados corten y peguen (copien) el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\\u00f3n confidencial, y corten (eliminen) directorios arbitrarios, incluido el directorio ra\\u00edz de WordPress. De forma predeterminada, esto s\\u00f3lo puede ser aprovechado por los administradores. En la versi\\u00f3n premium del complemento, los administradores pueden otorgar permisos de edici\\u00f3n de la galer\\u00eda a usuarios de niveles inferiores, lo que podr\\u00eda hacer que esto sea explotable por usuarios tan bajos como contribuyentes.\"}]",
"id": "CVE-2024-5481",
"lastModified": "2024-11-21T09:47:45.877",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security@wordfence.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 5.2}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
"published": "2024-06-07T10:15:11.827",
"references": "[{\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178\", \"source\": \"security@wordfence.com\", \"tags\": [\"Product\"]}, {\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436\", \"source\": \"security@wordfence.com\", \"tags\": [\"Product\"]}, {\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512\", \"source\": \"security@wordfence.com\", \"tags\": [\"Product\"]}, {\"url\": \"https://plugins.trac.wordpress.org/changeset/3098798/\", \"source\": \"security@wordfence.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://wordpress.org/plugins/photo-gallery/#developers\", \"source\": \"security@wordfence.com\", \"tags\": [\"Product\", \"Release Notes\"]}, {\"url\": \"https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve\", \"source\": \"security@wordfence.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://plugins.trac.wordpress.org/changeset/3098798/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://wordpress.org/plugins/photo-gallery/#developers\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\", \"Release Notes\"]}, {\"url\": \"https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "security@wordfence.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-5481\",\"sourceIdentifier\":\"security@wordfence.com\",\"published\":\"2024-06-07T10:15:11.827\",\"lastModified\":\"2024-11-21T09:47:45.877\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors.\"},{\"lang\":\"es\",\"value\":\"El complemento Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery para WordPress es vulnerable a Path Traversal en todas las versiones hasta la 1.8.23 incluida a trav\u00e9s de la funci\u00f3n esc_dir. Esto hace posible que atacantes autenticados corten y peguen (copien) el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial, y corten (eliminen) directorios arbitrarios, incluido el directorio ra\u00edz de WordPress. De forma predeterminada, esto s\u00f3lo puede ser aprovechado por los administradores. En la versi\u00f3n premium del complemento, los administradores pueden otorgar permisos de edici\u00f3n de la galer\u00eda a usuarios de niveles inferiores, lo que podr\u00eda hacer que esto sea explotable por usuarios tan bajos como contribuyentes.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@wordfence.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*\",\"versionEndExcluding\":\"1.8.24\",\"matchCriteriaId\":\"974320E7-18AE-4738-BE29-52AF8BDA52EE\"}]}]}],\"references\":[{\"url\":\"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178\",\"source\":\"security@wordfence.com\",\"tags\":[\"Product\"]},{\"url\":\"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436\",\"source\":\"security@wordfence.com\",\"tags\":[\"Product\"]},{\"url\":\"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512\",\"source\":\"security@wordfence.com\",\"tags\":[\"Product\"]},{\"url\":\"https://plugins.trac.wordpress.org/changeset/3098798/\",\"source\":\"security@wordfence.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://wordpress.org/plugins/photo-gallery/#developers\",\"source\":\"security@wordfence.com\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve\",\"source\":\"security@wordfence.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://plugins.trac.wordpress.org/changeset/3098798/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://wordpress.org/plugins/photo-gallery/#developers\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://plugins.trac.wordpress.org/changeset/3098798/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://wordpress.org/plugins/photo-gallery/#developers\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T21:11:12.793Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-5481\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-16T18:35:17.646938Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-16T18:35:21.842Z\"}}], \"cna\": {\"title\": \"Photo Gallery by 10Web \\u2013 Mobile-Friendly Image Gallery \u003c= 1.8.23 - Authenticated (Contributor+) Path Traversal via esc_dir Function\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Tobias Wei\\u00dfhaar\"}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H\"}}], \"affected\": [{\"vendor\": \"10web\", \"product\": \"Photo Gallery by 10Web \\u2013 Mobile-Friendly Image Gallery\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.8.23\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-06-06T21:19:21.000+00:00\", \"value\": \"Disclosed\"}], \"references\": [{\"url\": \"https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve\"}, {\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178\"}, {\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512\"}, {\"url\": \"https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436\"}, {\"url\": \"https://plugins.trac.wordpress.org/changeset/3098798/\"}, {\"url\": \"https://wordpress.org/plugins/photo-gallery/#developers\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Photo Gallery by 10Web \\u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-35 Path Traversal: \u0027.../...//\u0027\"}]}], \"providerMetadata\": {\"orgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"shortName\": \"Wordfence\", \"dateUpdated\": \"2024-06-07T09:33:36.357Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-5481\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T21:11:12.793Z\", \"dateReserved\": \"2024-05-29T18:04:13.803Z\", \"assignerOrgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"datePublished\": \"2024-06-07T09:33:36.357Z\", \"assignerShortName\": \"Wordfence\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…