Skip to main content

Quttera Web Malware Scanner

2 CVEs product

Monthly

CVE-2023-6222 HIGH POC This Week

IThe Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal WordPress Quttera Web Malware Scanner
NVD WPScan
CVSS 3.1
7.2
EPSS
1.1%
CVE-2023-6065 MEDIUM POC THREAT This Month

The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure WordPress Quttera Web Malware Scanner
NVD WPScan
CVSS 3.1
5.3
EPSS
18.7%
EPSS 1% CVSS 7.2
HIGH POC This Week

IThe Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal WordPress Quttera Web Malware Scanner
NVD WPScan
EPSS 19% CVSS 5.3
MEDIUM POC THREAT This Month

The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure WordPress Quttera Web Malware Scanner
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy