CVE-2018-8719

EUVD-2018-20329
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
Affected Products (NVD)
VendorProductVersion
wpsecurityauditlogwp_security_audit_log
3.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.exploit-db.com/exploits/44371/
https://www.exploit-db.com/exploits/44371/