Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

correos

Source -

NVD

BOS Name -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

2
Related CVEsRelated ProductsRelated AssignersReports
2Vulnerabilities found
CVE-2023-0331
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-0.27% / 49.91%
||
7 Day CHG~0.00%
Published-27 Feb, 2023 | 15:24
Updated-10 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Correos Oficial <= 1.2.0.2 - Unauthenticated Arbitrary File Download

The Correos Oficial WordPress plugin through 1.2.0.2 does not have an authorization check user input validation when generating a file path, allowing unauthenticated attackers to download arbitrary files from the server.

Action-Not Available
Vendor-correosUnknown
Product-correos_oficialCorreos Oficial
CWE ID-CWE-552
Files or Directories Accessible to External Parties
CVE-2022-46639
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.27%
||
7 Day CHG~0.00%
Published-23 Jan, 2023 | 00:00
Updated-03 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the descarga_etiqueta.php component of Correos Prestashop 1.7.x allows attackers to execute a directory traversal.

Action-Not Available
Vendor-correosn/a
Product-correosn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')