CVE-2023-28408

Summary

Directory traversal vulnerability in MW WP Form versions v4.4.2 and earlier allows a remote unauthenticated attacker to alter the website or cause a denial-of-service (DoS) condition, and obtain sensitive information depending on settings.

Affected Software

VendorProductVersion RangeStatus
Monkey Wrench Inc.MW WP Formversions v4.4.2 and earlieraffected

Weaknesses

  • Directory traversal

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References