CVE-2014-125102

EPSS 0.1%
Veröffentlicht 29.05.2023 23:15:09
Zuletzt bearbeitet 21.11.2024 02:03:48
Quelle cna@vuldb.com
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability classified as problematic was found in Bestwebsoft Relevant Plugin up to 1.0.7 on WordPress. Affected by this vulnerability is an unknown functionality of the component Thumbnail Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 1.0.8 is able to address this issue. The identifier of the patch is 860d1891025548cf0f5f97364c1f51a888f523c3. It is recommended to upgrade the affected component. The identifier VDB-230113 was assigned to this vulnerability.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Bestwebsoft ≫ Relevant SwPlatformwordpress Version < 1.0.8

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.281

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cna@vuldb.com	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cna@vuldb.com	4	8	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://github.com/wp-plugins/relevant/commit/860d1891025548cf0f5f97364c1f51a888f523c3

Patch

https://vuldb.com/?ctiid.230113

Permissions Required

https://vuldb.com/?id.230113

Permissions Required

https://nvd.nist.gov/vuln/detail/CVE-2014-125102

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-125102

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-125102

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2014-125102