5.3

CVE-2023-6592

FastDup – Fastest WordPress Migration & Duplicator < 2.2 - Directory Listing to Account Takeover and Sensitive Data Exposure

FastDup <= 2.1.9 - Sensitive Information Exposure via Directory Listing

The FastDup WordPress plugin before 2.2 does not prevent directory listing in sensitive directories containing export files.
Mögliche Gegenmaßnahme
FastDup – Fastest WordPress Migration & Duplicator: Update to version 2.2.0, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NinjateamFastdup SwPlatformwordpress Version < 2.2
Weitere Schwachstelleninformationen
SystemWordPress Plugin
Produkt FastDup – Fastest WordPress Migration & Duplicator
Version *-2.1.9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.91% 0.553
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://research.cleantalk.org/cve-2023-6592-fastdup-database-users-password-leak-poc-exploit/
https://wpscan.com/vulnerability/a39bb807-b143-4863-88ff-1783e407d7d4/
Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/7fb646c4-6269-4354-b3a6-872c6303a6d2
Third Party Advisory