Skip to main content

Full Customer

2 CVEs product

Monthly

CVE-2023-4243 HIGH This Week

The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install-plugin REST route in versions up to, and including, 2.2.3 due to improper authorization. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress File Upload Full Customer
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-4242 MEDIUM This Month

The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to improper authorization. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure WordPress Authentication Bypass Full Customer
NVD
CVSS 3.1
4.3
EPSS
0.1%
EPSS 1% CVSS 8.8
HIGH This Week

The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install-plugin REST route in versions up to, and including, 2.2.3 due to improper authorization. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress File Upload +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to improper authorization. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure WordPress Authentication Bypass +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy