CVE-2024-5599

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jun 7, 2024

Summary

CVE-2024-5599 is a vulnerability found in the FileOrganizer - Manage WordPress and Website Files plugin for WordPress. This vulnerability affects all versions up to and including 1.0.7 of the plugin. The vulnerability allows unauthenticated attackers to exploit the 'fileorganizer_ajax_handler' function, resulting in sensitive information exposure. Attackers can extract sensitive data, such as backups or other sensitive information, if the files have been moved to the built-in Trash folder. The vulnerability poses a high risk to organizations as it has a base severity rating of HIGH and a base score of 7.5 according to [email protected], indicating significant potential for confidentiality impact. The exploitability score is 3.9 out of 10, suggesting a moderate level of difficulty for attackers to exploit this vulnerability. Remediation should involve updating the plugin to a version that addresses the vulnerability or finding an alternative solution to FileOrganizer if an update is not available.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-5599 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options