Описание
The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.5.0.2 (исключая)
cpe:2.3:a:geomywp:geo_my_wordpress:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 97%
0.41799
Средний
9.8 Critical
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution.
EPSS
Процентиль: 97%
0.41799
Средний
9.8 Critical
CVSS3
Дефекты
NVD-CWE-noinfo