How severe is CVE-2021-24695?

CVE-2021-24695 has a CVSS v3 score of 7.5 (HIGH).

CVE-2021-24695

Name: simple_download_monitor
Author: tipsandtricks-hq

7.5HIGH

The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to downl

Published: 11/8/2021Updated: 11/21/2024

Description

The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to download and read the logs containing Sensitive Information such as IP Addresses and Usernames

AI AnalysisPowered by AI

Affected Products

tipsandtricks-hqsimple_download_monitor

References

https://wpscan.com/vulnerability/d7bdaf2b-cdd9-4aee-b1bb-01728160ff25
ExploitThird Party Advisory
https://wpscan.com/vulnerability/d7bdaf2b-cdd9-4aee-b1bb-01728160ff25
ExploitThird Party Advisory