Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-wv2g-khf5-2bh5
SummaryLocal File Inclusion vulnerability in pretix Widget WordPress plugin pretix-widget on Windows allows PHP Local File Inclusion. This issue affects pretix Widget WordPress plugin: from 1.0.0 through 1.0.5.
Aliases
0
alias CVE-2024-9575
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9575
reference_id
reference_type
scores
0
value 0.00483
scoring_system epss
scoring_elements 0.65691
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9575
1
reference_url https://pretix.eu/about/en/blog/20241009-wordpress-plugin-1-0-6/
reference_id 20241009-wordpress-plugin-1-0-6
reference_type
scores
0
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/RE:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-09T13:32:48Z/
url https://pretix.eu/about/en/blog/20241009-wordpress-plugin-1-0-6/
2
reference_url https://patchstack.com/database/vulnerability/pretix-widget/wordpress-pretix-widget-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve
reference_id wordpress-pretix-widget-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve
reference_type
scores
0
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/RE:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-09T13:32:48Z/
url https://patchstack.com/database/vulnerability/pretix-widget/wordpress-pretix-widget-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve
Weaknesses
0
cwe_id 22
name Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
description The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
1
cwe_id 73
name External Control of File Name or Path
description The product allows user input to control or influence paths or file names that are used in filesystem operations.
Exploits
Severity_range_score8.5 - 8.5
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-wv2g-khf5-2bh5