Descrição
The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the ‘/wp-content/uploads/fusion-forms/’ directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via an Avada created form with a file upload mechanism.
Software
Não informado
Tipo Software
Tema
CVE
CVE-2024-2340
Tags
Nâo informado
Data de publicação
09/04/2024
Última atualização
01/02/2025
Pontuação em CVSS 3.0
5.3
Médio