Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/51130?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51130?format=api", "vulnerability_id": "VCID-wv2g-khf5-2bh5", "summary": "Local File Inclusion vulnerability in pretix Widget WordPress plugin pretix-widget on Windows allows PHP Local File Inclusion. This issue affects pretix Widget WordPress plugin: from 1.0.0 through 1.0.5.", "aliases": [ { "alias": "CVE-2024-9575" } ], "fixed_packages": [], "affected_packages": [], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9575", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65691", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9575" }, { "reference_url": "https://pretix.eu/about/en/blog/20241009-wordpress-plugin-1-0-6/", "reference_id": "20241009-wordpress-plugin-1-0-6", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-09T13:32:48Z/" } ], "url": "https://pretix.eu/about/en/blog/20241009-wordpress-plugin-1-0-6/" }, { "reference_url": "https://patchstack.com/database/vulnerability/pretix-widget/wordpress-pretix-widget-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve", "reference_id": "wordpress-pretix-widget-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-09T13:32:48Z/" } ], "url": "https://patchstack.com/database/vulnerability/pretix-widget/wordpress-pretix-widget-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve" } ], "weaknesses": [ { "cwe_id": 22, "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "description": "The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory." }, { "cwe_id": 73, "name": "External Control of File Name or Path", "description": "The product allows user input to control or influence paths or file names that are used in filesystem operations." } ], "exploits": [], "severity_range_score": "8.5 - 8.5", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wv2g-khf5-2bh5" }