Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-g4q2-gc49-8q5w

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 6.3

Описание

Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter.

Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter.

EPSS

Процентиль: 85%
0.02639
Низкий

6.3 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

CVSS3: 6.3
ubuntu
больше 8 лет назад

Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter.

CVSS3: 6.3
nvd
больше 8 лет назад

Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter.

CVSS3: 6.3
debian
больше 8 лет назад

Directory traversal vulnerability in the File_Upload_Upgrader class in ...

EPSS

Процентиль: 85%
0.02639
Низкий

6.3 Medium

CVSS3

Дефекты

CWE-22