Filtered by vendor Quttera
Subscriptions
Filtered by product Quttera Web Malware Scanner
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-8013 | 2 Quttera, Wordpress | 2 Quttera Web Malware Scanner, Wordpress | 2025-08-16 | 3.8 Low |
| The Quttera Web Malware Scanner plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.5.1.41 via the 'RunExternalScan' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | ||||
| CVE-2023-6222 | 1 Quttera | 1 Quttera Web Malware Scanner | 2024-11-21 | 7.2 High |
| IThe Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks | ||||
| CVE-2023-6065 | 1 Quttera | 1 Quttera Web Malware Scanner | 2024-11-21 | 5.3 Medium |
| The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code | ||||
Page 1 of 1.