Описание
PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin before 0.20 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.
Ссылки
- ExploitPatch
- Vendor Advisory
- Patch
- Exploit
- ExploitPatch
- Vendor Advisory
- Patch
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 0.14 (включая)
Одновременно
Одно из
cpe:2.3:a:alanft:relocate-upload:*:*:*:*:*:*:*:*
cpe:2.3:a:alanft:relocate-upload:0.10:*:*:*:*:*:*:*
cpe:2.3:a:alanft:relocate-upload:0.11:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02304
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
около 3 лет назад
PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin before 0.20 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.
EPSS
Процентиль: 84%
0.02304
Низкий
7.5 High
CVSS2
Дефекты
CWE-94