Path Traversal Vulnerability Affects Landing Page Builder
CVE-2024-43345

7.5HIGH

Key Information:

Vendor: WordPress
Status: Landing Page Builder
Vendor: CVE Published:; 19 August 2024

What is CVE-2024-43345?

A path traversal vulnerability has been identified in PluginOps Landing Page Builder, allowing unauthorized access to files on the server through PHP Local File Inclusion. This security flaw could enable attackers to read sensitive system files, potentially leading to severe data breaches or system compromise. Affected versions range from an unspecified release up to version 1.5.2.0, highlighting the need for users to update their applications promptly to protect against potential exploitation.

Affected Version(s)

Landing Page Builder <= 1.5.2.0

References

https://patchstack.com/database/vulnerability/page-builde...

vdb-entry

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 19, 2024

CVE-2024-43345 Data

JSON

WordPress

What is CVE-2024-43345?

Affected Version(s)

References

CVSS V3.1

Timeline