CVE-2024-31240

Опубликовано: 10 апр. 2024

Источник: nvd

CVSS3: 7.7

CVSS3: 8.1

EPSS Низкий

Описание

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in InfoTheme WP Poll Maker.This issue affects WP Poll Maker: from n/a through 3.1.

Ссылки

https://patchstack.com/database/vulnerability/epoll-wp-voting/wordpress-wp-poll-maker-plugin-3-1-subscriber-arbitrary-file-deletion-vulnerability?_s_id=cve
Third Party Advisory
https://patchstack.com/database/vulnerability/epoll-wp-voting/wordpress-wp-poll-maker-plugin-3-1-subscriber-arbitrary-file-deletion-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:infotheme:wp_poll_maker:*:*:*:*:*:wordpress:*:*

Версия до 3.4 (исключая)

EPSS

Процентиль: 54%

0.00309

Низкий

7.7 High

CVSS3

8.1 High

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-cqgx-qm2w-88qc

CVSS3: 7.7

github

почти 2 года назад

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in InfoTheme WP Poll Maker.This issue affects WP Poll Maker: from n/a through 3.1.

EPSS

Процентиль: 54%

0.00309

Низкий

7.7 High

CVSS3

8.1 High

CVSS3

Дефекты

CWE-22