CVE-2025-8559 in All in One Music Player Plugin정보

요약

\~에 의해 MITRE • 2025. 09. 30.

The All in One Music Player plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.1 via the 'theme' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of files on the server, which can contain sensitive information.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

공개

2025. 09. 30.

모더레이션

수락

항목

VDB-326279

CPE

준비됨

CWE

CWE-22 (확인됨)

CVSS

6.5 (CNA)

EPSS

0.00064

KEV

아니요

활동

매우 낮음

부문

Hostingprovider

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-8559
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-8559
CVE Details	https://www.cvedetails.com/cve/CVE-2025-8559/

◂ 이전 개요 다음 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!