Описание
The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files.
EPSS
Процентиль: 28%
0.00099
Низкий
7.2 High
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 7.2
github
3 месяца назад
The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files.
EPSS
Процентиль: 28%
0.00099
Низкий
7.2 High
CVSS3