exploitDog

GHSA-4524-hxm7-m92p

Опубликовано: 24 нояб. 2021

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include() function, which could lead to a Local File Inclusion issue

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include() function, which could lead to a Local File Inclusion issue

Ссылки

EPSS

Процентиль: 95%

0.20545

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2021-24644

CVSS3: 7.5

nvd

около 4 лет назад

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include() function, which could lead to a Local File Inclusion issue

EPSS

Процентиль: 95%

0.20545

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22