What is CVE-2024-6641?

CVE-2024-6641 is a medium-severity vulnerability in Astrasecuritysuite Wp Hardening (Discontinued), classified under Incorrect Regular Expression. CVSS score: 5.3/10. Published 2024-09-18.

How severe is CVE-2024-6641?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Is CVE-2024-6641 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Astrasecuritysuite Wp Hardening (Discontinued)

CVE-2024-6641

The WP Hardening – Fix Your WordPress Security plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 1.2.6. This is due to use of an incorrect regular expression within the "Stop User Enumerati…

EPSS: 0.003 (57.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Astrasecuritysuite Wp Hardening (Discontinued) — versions 0

Weakness classification (CWE)

CWE-185 — Incorrect Regular Expression

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2024-6641?: CVE-2024-6641 is a medium-severity vulnerability in Astrasecuritysuite Wp Hardening (Discontinued), classified under Incorrect Regular Expression. CVSS score: 5.3/10. Published 2024-09-18.
How severe is CVE-2024-6641?: Medium severity. CVSS v3 base score is 5.3 out of 10.
Is CVE-2024-6641 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.