exploitDog

GHSA-mwq5-5f7r-qcv9

Опубликовано: 01 мар. 2022

Источник: github

Github: Не прошло ревью

Описание

The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack

The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack

Ссылки

EPSS

Процентиль: 74%

0.00846

Низкий

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2021-24689

CVSS3: 4.9

nvd

почти 4 года назад

The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack

EPSS

Процентиль: 74%

0.00846

Низкий

CVE ID

Дефекты

CWE-22