CVE-2024-9530

23 Oct 2024

Jose Alexis Correa Valencia
0 Comentarios

Título es

CVE-2024-9530

Mié, 23/10/2024 – 08:15

Tipo

CWE-200

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-9530

Descripción en

The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the contents of templates that are private.

23/10/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Gravedad 3.1 (CVSS 3.1 Base Score)

4.30

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3170536%40qi-addons-for-elementor/trunk&old=3159768%40qi-addons-for-elementor/trunk

https://www.wordfence.com/threat-intel/vulnerabilities/id/0dd93514-657c-4b04-931a-23f3d405fb88?source=cve

Enviar en el boletín

Off

CVE-2024-9530

CVE-2024-9530

Jose Alexis Correa Valencia