← volver
CVE-2024-2795

SEO SIMPLE PACK <= 3.2.1 - Information Exposure

CVSS 5.3 MEDIUMEPSS 0.5%CWE-200
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.3EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
28 jun 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The SEO SIMPLE PACK plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.2.1 via META description. This makes it possible for unauthenticated attackers to extract limited information about password protected posts.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N