PT-2023-32494 · WordPress · Quttera Web Malware Scanner

Dmitry Ignatyev

Publicado

2023-12-18

Atualizado

2023-12-21

CVE-2023-6065

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Quttera Web Malware Scanner WordPress plugin versions prior to 3.4.2.1

Description The issue allows a malicious actor to discover local paths and portions of the site's code due to unrestricted access to detailed scan logs.

Recommendations For versions prior to 3.4.2.1, update to version 3.4.2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the detailed scan logs until the update is applied.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-6065

Produtos afetados

Quttera Web Malware Scanner

PT-2023-32494 · WordPress · Quttera Web Malware Scanner

CVE-2023-6065

Identificadores relacionados

Produtos afetados

Referências · 6