Описание
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.4.0 (включая)
cpe:2.3:a:wsm_downloader_project:wsm_downloader:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 65%
0.00495
Низкий
7.5 High
CVSS3
Дефекты
CWE-552
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php.
EPSS
Процентиль: 65%
0.00495
Низкий
7.5 High
CVSS3
Дефекты
CWE-552