David de Boer Paytium WordPress Plugin Full Path Disclosure Vulnerability

Vulnerability

A full path disclosure vulnerability has been identified in the Paytium WordPress plugin by David de Boer, affecting versions through 4.4.11. The flaw discloses the full path of files or directories on the server, which allows the retrieval of embedded sensitive data.

Impact

Exploitation of this vulnerability could lead to the unintended exposure of sensitive information, such as full file paths on the server, which could in turn be leveraged to exploit other vulnerabilities.

Remediation

Users of the Paytium WordPress plugin should update to version 4.4.12 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.