VYPR

Laposta

by Laposta

CVEs (1)

  • CVE-2024-6574MedJul 13, 2024
    risk 0.34cvss 5.3epss 0.00

    The Laposta plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.12. This is due to the plugin not preventing direct access to several test files. This makes it possible for unauthenticated attackers to retrieve the full path of the…