CVE-2024-56055
CVSS 3.1 Score 8.5 of 10 (high)
Details
Published Dec 18, 2024
CWE ID 35
Summary
CVE-2024-56055 is a newly disclosed Path Traversal vulnerability that affects the WPLMS software from version n/a before 1.9.9.5.2. Maliciously crafted file paths with the use of '.../...//' sequence can be exploited by attackers to traverse and access unintended directories, potentially obtaining sensitive information or executing malicious code. This security flaw poses a significant risk, and users are strongly advised to update their WPLMS installations to the latest version to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- WP LMS
Affected Vendors
- Proofpoint, Inc.