Описание
The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.2.9.1. This makes it possible for authenticated attackers, with Administrator-level access and above, to read arbitrary files on the affected site's server which may reveal sensitive information.
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.9.2 (исключая)
cpe:2.3:a:benjaminrojas:wp_editor:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 34%
0.00135
Низкий
4.9 Medium
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 4.9
github
10 месяцев назад
The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.2.9.1. This makes it possible for authenticated attackers, with Administrator-level access and above, to read arbitrary files on the affected site's server which may reveal sensitive information.
EPSS
Процентиль: 34%
0.00135
Низкий
4.9 Medium
CVSS3
Дефекты
CWE-22