CVE-2024-9765

Summary

The EKC Tournament Manager WordPress plugin before 2.2.2 allows a logged in admin to download system files outside of the WordPress directory

Affected Software

VendorProductVersion RangeStatus
UnknownEKC Tournament Manager0 < 2.2.2affected

Weaknesses

  • CWE-552 Files or Directories Accessible to External Parties

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References