Описание
The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.9.28. This makes it possible for unauthenticated attackers to read arbitrary files on the server, which can expose DB credentials when the wp-config.php file is read.
EPSS
Процентиль: 42%
0.00196
Низкий
8.6 High
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 8.6
github
3 месяца назад
The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.9.28. This makes it possible for unauthenticated attackers to read arbitrary files on the server, which can expose DB credentials when the wp-config.php file is read.
EPSS
Процентиль: 42%
0.00196
Низкий
8.6 High
CVSS3
Дефекты
CWE-22