← back
CVE-2024-9575

Local File Inclusion in pretix-widget WordPress plugin

CVSS 8.5 HIGHEPSS 0.5%CWE-22CWE-73
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.5EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
09 Oct 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Local File Inclusion vulnerability in pretix Widget WordPress plugin pretix-widget on Windows allows PHP Local File Inclusion. This issue affects pretix Widget WordPress plugin: from 1.0.0 through 1.0.5.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/RE:L
Affected products
rami.io GmbH · pretix Widget WordPress plugin

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://patchstack.com/database/vulnerability/pretix-widget/wordpress-pretix-widget-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cvehttps://pretix.eu/about/en/blog/20241009-wordpress-plugin-1-0-6/