Executive Summary

Informations
Name CVE-2024-6451 First vendor Publication 2024-08-19
Vendor Cve Last vendor Modification 2025-05-27

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

AI Engine < 2.4.3 is susceptible to remote-code-execution (RCE) via Log Poisoning. The AI Engine WordPress plugin before 2.5.1 fails to validate the file extension of "logs_path", allowing Administrators to change log filetypes from .log to .php.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6451

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-532 Information Leak Through Log Files

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

Sources (Detail)

https://wpscan.com/vulnerability/fc06d413-a227-470c-a5b7-cdab57aeab34/
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2025-05-28 00:20:47
  • Multiple Updates
2024-08-20 02:47:58
  • Multiple Updates
2024-08-20 02:47:53
  • Multiple Updates
2024-08-19 17:27:24
  • Multiple Updates
2024-08-19 13:27:29
  • First insertion