CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-28408

Directory traversal vulnerability in MW WP Form versions v4.4.2 and earlier allows a remote unauthenticated attacker to alter the website or cause a denial-of-service (DoS) condition, and obtain sensitive information depending on settings.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.028

EPSS Ranking 85.5%

CVSS Severity

CVSS v3 Score 9.8

References

https://jvn.jp/en/jp/JVN01093915/
https://plugins.2inc.org/mw-wp-form/blog/2023/05/08/752/
https://jvn.jp/en/jp/JVN01093915/
https://plugins.2inc.org/mw-wp-form/blog/2023/05/08/752/

Products affected by CVE-2023-28408

Mw Wp Form Project » Mw Wp Form » Version: 4.4.2

cpe:2.3:a:mw_wp_form_project:mw_wp_form:4.4.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-28408

Products

Pricing

Contact Us