PT-2023-32569 · WordPress · Quttera Web Malware Scanner
Dmitry Ignatyev
·
Published
2023-12-18
·
Updated
2024-09-30
·
CVE-2023-6222
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Quttera Web Malware Scanner WordPress plugin versions prior to 3.4.2.1
Description
The issue concerns a lack of validation for user input used in a path. This could potentially allow users with an admin role to perform path traversal attacks.
Recommendations
For versions prior to 3.4.2.1, update to version 3.4.2.1 or later to resolve the issue.
Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Quttera Web Malware Scanner