Количество 3
Количество 3
CVE-2022-2981
The Download Monitor WordPress plugin before 4.5.98 does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in an hardened environment or multisite setup.
GHSA-2739-p2pg-h53m
The Download Monitor WordPress plugin before 4.5.98 does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in an hardened environment or multisite setup.
BDU:2022-06232
Уязвимость плагина Download Monitor системы управления содержимым сайта WordPress, позволяющая нарушителю раскрыть защищаемую информацию
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-2981 The Download Monitor WordPress plugin before 4.5.98 does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in an hardened environment or multisite setup. | CVSS3: 4.9 | 0% Низкий | почти 3 года назад |
| GHSA-2739-p2pg-h53m The Download Monitor WordPress plugin before 4.5.98 does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in an hardened environment or multisite setup. | CVSS3: 4.9 | 0% Низкий | почти 3 года назад |
 | BDU:2022-06232 Уязвимость плагина Download Monitor системы управления содержимым сайта WordPress, позволяющая нарушителю раскрыть защищаемую информацию | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
Уязвимостей на страницу