exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2023-2745

больше 2 лет назад

WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.

CVSS3: 5.4

EPSS: Средний

CVE-2023-2745

больше 2 лет назад

WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.

CVSS3: 5.4

EPSS: Средний

CVE-2023-2745

больше 2 лет назад

WordPress Core is vulnerable to Directory Traversal in versions up to, ...

CVSS3: 5.4

EPSS: Средний

GHSA-xgqr-2mpj-w9qv

больше 2 лет назад

WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.

CVSS3: 5.4

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-2745 WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.	CVSS3: 5.4	69% Средний	больше 2 лет назад
CVE-2023-2745 WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.	CVSS3: 5.4	69% Средний	больше 2 лет назад
CVE-2023-2745 WordPress Core is vulnerable to Directory Traversal in versions up to, ...	CVSS3: 5.4	69% Средний	больше 2 лет назад
GHSA-xgqr-2mpj-w9qv WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.	CVSS3: 5.4	69% Средний	больше 2 лет назад

Уязвимостей на страницу