Skip to main content

Kiwiz Invoices Certification Pdf System

1 CVEs product

Monthly

CVE-2023-2180 HIGH POC This Week

The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure WordPress Kiwiz Invoices Certification Pdf System
NVD WPScan
CVSS 3.1
7.5
EPSS
0.9%
EPSS 1% CVSS 7.5
HIGH POC This Week

The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure WordPress Kiwiz Invoices Certification Pdf System
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy