Описание
The MelAbu WP Download Counter Button WordPress plugin through 1.8.6.7 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/download arbitrary files.
EPSS
Процентиль: 27%
0.00096
Низкий
5.3 Medium
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 5.3
github
3 месяца назад
The MelAbu WP Download Counter Button WordPress plugin through 1.8.6.7 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/download arbitrary files.
EPSS
Процентиль: 27%
0.00096
Низкий
5.3 Medium
CVSS3