Path Traversal Vulnerability in Contact Page With Google Map
CVE-2024-52447

8.6HIGH

Key Information:

Vendor: WordPress
Status: Contact Page With Google Map
Vendor: CVE Published:; 20 November 2024

What is CVE-2024-52447?

The vulnerability in the Corporate Zen Contact Page With Google Map introduces a path traversal flaw, which enables attackers to manipulate URL paths to gain access to sensitive files on the server. This issue is present in versions from n/a through 1.6.1 of the plugin. Exploiting this vulnerability can lead to unauthorized data exposure, increasing the risk of data breaches and compromising user information. Website administrators are urged to evaluate their systems for this flaw and take necessary measures to mitigate potential threats.

Affected Version(s)

Contact Page With Google Map <= 1.6.1

References

https://patchstack.com/database/vulnerability/contact-pag...

vdb-entry

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2024

Credit

Mika (Patchstack Alliance)

WordPress

What is CVE-2024-52447?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit