How severe is CVE-2021-24695?

CVE-2021-24695 has a CVSS v3 score of 7.5 (HIGH).

CVE-2021-24695

Name: simple_download_monitor
Author: tipsandtricks-hq

7.5HIGH

The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to downl

Publicado: 11/8/2021Actualizado: 11/21/2024

Descripción

The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to download and read the logs containing Sensitive Information such as IP Addresses and Usernames

Análisis IAImpulsado por IA

Productos Afectados

tipsandtricks-hqsimple_download_monitor

Referencias

https://wpscan.com/vulnerability/d7bdaf2b-cdd9-4aee-b1bb-01728160ff25
ExploitThird Party Advisory
https://wpscan.com/vulnerability/d7bdaf2b-cdd9-4aee-b1bb-01728160ff25
ExploitThird Party Advisory