1 results (0.002 seconds)

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1

simple-gmail-login.php in the Simple Gmail Login plugin before 1.1.4 for WordPress allows remote attackers to obtain sensitive information via a request that lacks a timezone, leading to disclosure of the installation path in a stack trace. simple-gmail-login.php en el complemento Simple Gmail Login antes de v1.1.4 para WordPress permite a atacantes remotos obtener información sensible a través de una petición que carece de una zona horaria, lo que lleva a la divulgación de la ruta de instalación en una traza de pila. WordPress Simple Gmail Login plugin suffers from a stack trace error condition that can lead to full path disclosure. • https://www.exploit-db.com/exploits/38111 http://archives.neohapsis.com/archives/bugtraq/2012-12/0061.html http://wordpress.org/extend/plugins/simple-gmail-login/changelog • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •