Описание
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:wpsecurityauditlog:wp_security_audit_log:3.1.1:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 94%
0.1532
Средний
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-532
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information.
EPSS
Процентиль: 94%
0.1532
Средний
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-532