Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-7qxw-6qwr-m6xh

Опубликовано: 02 мая 2024
Источник: github
Github: Не прошло ревью
CVSS3: 5.3

Описание

The Contact Form 7 Database Addon – CFDB7 plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.6.8 via the cfdb7_before_send_mail function. This can allow unauthenticated attackers to extract sensitive data, such as Personally Identifiable Information, from files uploaded by users.

The Contact Form 7 Database Addon – CFDB7 plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.6.8 via the cfdb7_before_send_mail function. This can allow unauthenticated attackers to extract sensitive data, such as Personally Identifiable Information, from files uploaded by users.

Ссылки

EPSS

Процентиль: 76%
0.00982
Низкий

5.3 Medium

CVSS3

CVE ID

CVE-2024-3870

Связанные уязвимости

nvd логотип

CVE-2024-3870

CVSS3: 5.3
nvd
почти 2 года назад

The Contact Form 7 Database Addon – CFDB7 plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.6.8 via the cfdb7_before_send_mail function. This can allow unauthenticated attackers to extract sensitive data, such as Personally Identifiable Information, from files uploaded by users.

fstec логотип

BDU:2024-03364

CVSS3: 5.3
fstec
почти 2 года назад

Уязвимость функции cfdb7_before_send_mail() плагина Contact Form 7 Database Addon (CFDB7) системы управления содержимым сайта WordPress, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 76%
0.00982
Низкий

5.3 Medium

CVSS3

CVE ID

CVE-2024-3870