7.5
CVE-2024-24867
- EPSS 0.45%
- Veröffentlicht 17.03.2024 16:15:08
- Zuletzt bearbeitet 28.04.2026 19:23:24
- Quelle audit@patchstack.com
- CVE-Watchlists
- Unerledigt
LoginWordPress WP Stats Manager plugin <= 6.9.4 - Sensitive Data Exposure vulnerability
WP Visitor Statistics (Real Time Traffic) <= 6.9.4 - Sensitive Information Exposure via Log File
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Osamaesh WP Visitor Statistics (Real Time Traffic).This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 6.9.4.
Mögliche Gegenmaßnahme
WP Visitor Statistics (Real Time Traffic): Update to version 6.9.5, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Codepress ≫ Visitor Statistics SwEdition- SwPlatformwordpress Version <= 6.9.4
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
WP Visitor Statistics (Real Time Traffic)
Version
*-6.9.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.45% | 0.359 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| audit@patchstack.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
https://patchstack.com/database/vulnerability/wp-stats-manager/wordpress-wp-stats-manager-plugin-6-9-4-sensitive-data-exposure-vulnerability?_s_id=cve
https://www.wordfence.com/threat-intel/vulnerabilities/id/f2d69d59-390d-4f3c-96ba-487707cac7a6