CVE-2024-43042
9.8CRITICALPluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack.
Опубликовано: 8/16/2024Обновлено: 3/19/2025
Описание
Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack.
ИИ-АнализНа базе ИИ
Затронутые продукты
pluck-cmspluck
4.7.18
Ссылки
- https://drive.google.com/file/d/1FnLCFP8xDrE1e_4Ft_TZ7VhC-JBkpsL0/view?usp=sharingExploitThird Party Advisory
- https://github.com/pluck-cms/pluckProduct