CVE-2023-6065
Published 2023-12-18
Priority: P3 | 50 | medium | 5.3 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EXPLOIT
EPSS: 18.70% (96.9th percentile)
The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code.
Affected
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| quttera | quttera_web_malware_scanner | < 3.4.2.1 | 3.4.2.1 |
No detection rules found.
Nuclei
Quttera Web Malware Scanner <= 3.4.1.48 - Sensitive Data Exposure
nuclei·CVSS 5.3
Template:
```yaml
id: CVE-2023-6065

info:
  name: Quttera Web Malware Scanner <= 3.4.1.48 - Sensitive Data Exposure
  author: s4e-io
  severity: medium
  description: |
    The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code
  impact: |
    Unauthenticated attackers can access detailed scan logs revealing local file paths and portions of the site's source code, facilitating further targeted attacks.
  remediati
```
https://drive.google.com/file/d/1w83xWsVLS_gCpQy4LDwbjNK9JaB87EEf/view?usp=sharing
https://wpscan.com/vulnerability/64f2557f-c5e4-4779-9e28-911dfaf2dda5