Lucene search
WPScanCVE-2023-5177HistoryOct 16, 2023 - 8:15 p.m.
CVE-2023-5177
2023-10-1620:15:17
WPScan
web.nvd.nist.gov
26
vrm 360
3d model viewer
wordpress plugin
cve-2023-5177
security vulnerability
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
5.6
Confidence
High
EPSS
0.001
Percentile
21.8%
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when putting in a non-existent file in a parameter of the shortcode.
Affected configurations
Node
mauricevrm360Range≤1.2.1wordpress
CNA Affected
[
{
"vendor": "Unknown",
"product": "Vrm 360 3D Model Viewer",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "1.2.1"
}
],
"defaultStatus": "affected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
wpexploit
wpexploit
Vrm 360 3D Model Viewer <= 1.2.1 - Full Path Disclosure
2023-09-25 00:00:00
wpvulndb
wpvulndb
Vrm 360 3D Model Viewer <= 1.2.1 - Full Path Disclosure
2023-09-25 00:00:00
nvd
nvd
CVE-2023-5177
2023-10-16 20:15:17
prion
prion
Path traversal
2023-10-16 20:15:00
cvelist
cvelist
CVE-2023-5177 Vrm 360 3D Model Viewer <= 1.2.1 - Full Path Disclosure
2023-10-16 19:38:53
wordfence
wordfence
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
5.6
Confidence
High
EPSS
0.001
Percentile
21.8%
Related for CVE-2023-5177