216.73.216.170

CVE-2024-6499

· Published 24/08/2024 04:15 · Modified 26/09/2024 22:07

Labels: CVE-2024-6499 2024-08-24CVE-2024-6499CWE-200NVD-CWE-noinfo[email protected]

Essential information

Published
24/08/2024 04:15
Modified
26/09/2024 22:07
Author
Creator
CVSS
5.3 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS metrics

Description

The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 9.7.8. This makes it possible for unauthenticated attackers to obtain the full path to instances, which they may be able to use in combination with other vulnerabilities or to simplify reconnaissance work. On its own, this information is of very limited use.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
maxfoundry / maxbuttons cpe:2.3:a:maxfoundry:maxbuttons:*:*:*:*:*:wordpress:*:*

References