CVE-2024-2795
SEO SIMPLE PACK <= 3.2.1 - Information Exposure
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.3EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
28 jun 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The SEO SIMPLE PACK plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.2.1 via META description. This makes it possible for unauthenticated attackers to extract limited information about password protected posts.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Productos afectados
looswebstudio · SEO SIMPLE PACKReferencias
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3109539%40seo-simple-pack&new=3109539%40seo-simple-pack&sfp_email=&sfph_mail=https://wordpress.org/plugins/seo-simple-pack/https://www.wordfence.com/threat-intel/vulnerabilities/id/f62a9ca0-7077-410f-b005-175348acd133?source=cve