exploitDog

CVE-2024-35162

Опубликовано: 22 мая 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Path traversal vulnerability exists in Download Plugins and Themes from Dashboard versions prior to 1.8.6. If this vulnerability is exploited, a remote authenticated attacker with "switch_themes" privilege may obtain arbitrary files on the server.

Ссылки

EPSS

Процентиль: 76%

0.00963

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-5qvg-g2v8-cghm

CVSS3: 6.5

github

больше 1 года назад

Path traversal vulnerability exists in Download Plugins and Themes from Dashboard versions prior to 1.8.6. If this vulnerability is exploited, a remote authenticated attacker with "switch_themes" privilege may obtain arbitrary files on the server.

EPSS

Процентиль: 76%

0.00963

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22