Published: 04/04/2018 Updated: 11/05/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

An issue exists in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for malicious users to possibly find sensitive information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wpsecurityauditlog wp security audit log 3.1.1

# Exploit Title: WP Security Audit Log Plugin, Sensitive Information Disclosure <= 311 # Google Dork: inurl:/wp-content/uploads/wp-security-audit-log/ # Date: 3/13/2018 # Exploit Author: Colette Chamberland, Defiant, Inc # Vendor Homepage: wpwhitesecuritycom # Software Link: wordpressorg/plugins/wp-security-audit-log/ # Vers ...

WordPress WP Security Audit Log plugin version 311 suffers from a sensitive information disclosure vulnerability ...

CWE-532 https://www.exploit-db.com/exploits/44371/https://nvd.nist.gov https://www.exploit-db.com/exploits/44371/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-8719

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect