admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-138xx/CVE-2024-13829.json
cad-safe-bot 03e4a37847 Auto-Update: 2025-02-16T03:00:21.640882+00:00
2025-02-16 03:03:51 +00:00

68 lines
2.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-13829",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-05T06:15:31.257",
"lastModified": "2025-02-05T06:15:31.257",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WordPress form builder plugin for contact forms, surveys and quizzes \u2013 Tripetto plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.0.8 via the 'attachments.php' file. This makes it possible for unauthenticated attackers to extract sensitive data including files uploaded via forms."
},
{
"lang": "es",
"value": "El complemento WordPress form builder plugin for contact forms, surveys and quizzes \u2013 Tripetto para WordPress, es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 8.0.8 y incluida, a trav\u00e9s del archivo 'attachments.php'. Esto permite que atacantes no autenticados extraigan archivos de datos confidenciales incluida cargados a trav\u00e9s de formularios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/tripetto/trunk/lib/attachments.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3231968/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0a938042-bad6-4fe0-8905-148d07a22996?source=cve",
"source": "security@wordfence.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink