Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-wp5p-62cp-gpq5

Опубликовано: 09 апр. 2024
Источник: github
Github: Не прошло ревью
CVSS3: 7.5

Описание

The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, SSL Score plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.0 via exposed Private key files. This makes it possible for unauthenticated attackers to extract sensitive data including TLS Certificate Private Keys

The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, SSL Score plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.0 via exposed Private key files. This makes it possible for unauthenticated attackers to extract sensitive data including TLS Certificate Private Keys

Ссылки

EPSS

Процентиль: 71%
0.00682
Низкий

7.5 High

CVSS3

CVE ID

CVE-2023-7046

Связанные уязвимости

nvd логотип

CVE-2023-7046

CVSS3: 7.5
nvd
больше 1 года назад

The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, SSL Score plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.0 via exposed Private key files. This makes it possible for unauthenticated attackers to extract sensitive data including TLS Certificate Private Keys

fstec логотип

BDU:2024-03558

CVSS3: 7.5
fstec
больше 1 года назад

Уязвимость плагина WP Encryption системы управления содержимым сайта WordPress, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 71%
0.00682
Низкий

7.5 High

CVSS3

CVE ID

CVE-2023-7046