exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2023-2745

около 2 лет назад

WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.

CVSS3: 5.4

EPSS: Высокий

CVE-2023-2745

около 2 лет назад

WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.

CVSS3: 5.4

EPSS: Высокий

CVE-2023-2745

около 2 лет назад

WordPress Core is vulnerable to Directory Traversal in versions up to, ...

CVSS3: 5.4

EPSS: Высокий

GHSA-xgqr-2mpj-w9qv

почти 2 года назад

WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.

CVSS3: 5.4

EPSS: Высокий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-2745 WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.	CVSS3: 5.4	71% Высокий	около 2 лет назад
CVE-2023-2745 WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.	CVSS3: 5.4	71% Высокий	около 2 лет назад
CVE-2023-2745 WordPress Core is vulnerable to Directory Traversal in versions up to, ...	CVSS3: 5.4	71% Высокий	около 2 лет назад
GHSA-xgqr-2mpj-w9qv WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.	CVSS3: 5.4	71% Высокий	почти 2 года назад

Уязвимостей на страницу