exploitDog

CVE-2023-5105

Опубликовано: 04 дек. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

The Frontend File Manager Plugin WordPress plugin before 22.6 has a vulnerability that allows an Editor+ user to bypass the file download logic and download files such as wp-config.php

Ссылки

https://wpscan.com/vulnerability/d40c7108-bad6-4ed3-8539-35c0f57e62cc
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/d40c7108-bad6-4ed3-8539-35c0f57e62cc
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:najeebmedia:frontend_file_manager_plugin:*:*:*:*:*:wordpress:*:*

Версия до 22.6 (исключая)

EPSS

Процентиль: 60%

0.00401

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-88wc-fvvx-mpxr

CVSS3: 6.5

github

около 2 лет назад

The Frontend File Manager Plugin WordPress plugin before 22.6 has a vulnerability that allows an Editor+ user to bypass the file download logic and download files such as `wp-config.php`

EPSS

Процентиль: 60%

0.00401

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22