Vulnerability Details CVE-2023-6222
IThe Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.5%
CVSS Severity
CVSS v3 Score 7.2
References
- https://drive.google.com/file/d/1krgHH2NvVFr93VpErLkOjDV3L6M5yIA1/view?usp=sharing
- https://wpscan.com/vulnerability/df892e99-c0f6-42b8-a834-fc55d1bde130
- https://drive.google.com/file/d/1krgHH2NvVFr93VpErLkOjDV3L6M5yIA1/view?usp=sharing
- https://wpscan.com/vulnerability/df892e99-c0f6-42b8-a834-fc55d1bde130
Products affected by CVE-2023-6222
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:1.0.0
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.0.21.17
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.0.7.0
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.0.7.20
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.0.7.21
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.0.7.22
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.0.7.45
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.0.8.1
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.0.8.65
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.0.9.1
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.1.1.0
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.2.1.97
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.3.0.22
-
cpe:2.3:a:quttera:quttera_web_malware_scanner:3.4.0.1