VYPR

AForms Eats

by WordPress

CVEs (1)

  • CVE-2024-13539MedFeb 12, 2025
    risk 0.34cvss 5.3epss 0.00

    The AForms Eats plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.3.1. This is due the /vendor/aura/payload-interface/phpunit.php file being publicly accessible and displaying error messages. This makes it possible for…