How severe is CVE-2021-24695?

CVE-2021-24695 has a CVSS v3 score of 7.5 (HIGH).

CVE-2021-24695

Name: simple_download_monitor
Author: tipsandtricks-hq

7.5HIGH

The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to downl

Veröffentlicht: 11/8/2021Aktualisiert: 11/21/2024

Beschreibung

The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to download and read the logs containing Sensitive Information such as IP Addresses and Usernames

KI-AnalyseKI-gestützt

Betroffene Produkte

tipsandtricks-hqsimple_download_monitor

Referenzen

https://wpscan.com/vulnerability/d7bdaf2b-cdd9-4aee-b1bb-01728160ff25
ExploitThird Party Advisory
https://wpscan.com/vulnerability/d7bdaf2b-cdd9-4aee-b1bb-01728160ff25
ExploitThird Party Advisory