CVE-2023-28408

CRITICAL 9.8

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

Directory traversal vulnerability in MW WP Form versions v4.4.2 and earlier allows a remote unauthenticated attacker to alter the website or cause a denial-of-service (DoS) condition, and obtain sensitive information depending on settings.

Vendor	monkey wrench inc.
Product	mw wp form
Published	May 23, 2023
Last Updated	Jan 17, 2025

Stay Ahead of the Next One

Get instant alerts for monkey wrench inc. mw wp form

Be the first to know when new critical vulnerabilities affecting monkey wrench inc. mw wp form are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Monkey Wrench Inc. / MW WP Form

versions v4.4.2 and earlier

References

NVD ↗ CVE.org ↗ EPSS Data ↗

plugins.2inc.org: https://plugins.2inc.org/mw-wp-form/blog/2023/05/08/752/ jvn.jp: https://jvn.jp/en/jp/JVN01093915/