CVE-2024-9627 in TeploBot Plugininformação

Sumário

de MITRE • 22/10/2024

The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'service_process' function in all versions up to, and including, 1.3. This makes it possible for unauthenticated attackers to view the Telegram Bot Token, which is a secret token to control the bot.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservar

08/10/2024

Divulgação

22/10/2024

Moderação

aceite

Entrada

VDB-281470

CPE

pronto

EPSS

0.00351

KEV

não

Atividades

muito baixo

Fontes

Do you want to use VulDB in your project?

Use the official API to access entries easily!