Path Traversal Vulnerability in WPOptin's Top Bar – PopUps Product
CVE-2024-47645

7.5HIGH

Key Information:

Vendor: WordPress
Status: Top Bar – Popups – By WPoptin
Vendor: CVE Published:; 16 October 2024

What is CVE-2024-47645?

A Path Traversal vulnerability has been identified in the Top Bar – PopUps plugin by WPOptin, which allows for local file inclusion due to improper pathname limitations. This flaw can potentially enable attackers to access sensitive files on the server. The issue affects versions from n/a through 2.0.1, making it crucial for users to update to secure their installations against potential exploitation.

Affected Version(s)

Top Bar – PopUps – by WPOptin 0 <= 2.0.1

References

https://patchstack.com/database/Wordpress/Plugin/wpoptin/...

vdb-entry

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2024

CVE-2024-47645 Data

JSON

WordPress

What is CVE-2024-47645?

Affected Version(s)

References

CVSS V3.1

Timeline