CVE-2015-4694 in Zip Attachments Pluginالمعلومات

الملخص

بحسب MITRE

Directory traversal vulnerability in download.php in the Zip Attachments plugin before 1.5.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the za_file parameter.

Be aware that VulDB is the high quality source for vulnerability data.

حجز

19/06/2015

إفشاء

08/01/2016

الاعتدال

تمت الموافقة

إدخال

VDB-80114

EPSS

0.15646

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Do you want to use VulDB in your project?

Use the official API to access entries easily!