Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-46197

Published: 17/05/2024 Updated: 17/05/2024

Vulnerability Summary

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a up to and including 1.10.19.

Github Repositories

https://github.com/RandomRobbieBF/CVE-2023-46197

Popup by Supsystic <= 1.10.19 - Missing Authorization to Sensitive Information Exposure

CVE-2023-46197 Popup by Supsystic &lt;= 11019 - Missing Authorization to Sensitive Information Exposure Description "The Popup by Supsystic plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11019 via the getWpCsvList action This makes it possible for authenticated attackers with subscriber level access or hi

References

CWE-22https://patchstack.com/database/vulnerability/popup-by-supsystic/wordpress-popup-by-supsystic-plugin-1-10-19-unauthenticated-subscriber-email-addresses-disclosure?_s_id=cvehttps://nvd.nist.govhttps://github.com/RandomRobbieBF/CVE-2023-46197
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324path traversalCVE-2024-4743CVE-2024-5184TCPCVE-2024-27822code injectionCVE-2024-28995CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook