PT-2023-16975 · 10Web · The Photo Gallery

Nguyen Huu Do

Publicado

2023-04-17

Atualizado

2023-04-25

CVE-2023-1427

CVSS v3.1

4.9

Média

Vetor

AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions The Photo Gallery by 10Web WordPress plugin versions prior to 1.8.15

Description The issue allows high privilege users to upload files outside of the intended uploads folder due to a path traversal vector, potentially enabling them to place images anywhere in the filesystem.

Recommendations For versions prior to 1.8.15, update to version 1.8.15 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-1427

Produtos afetados

The Photo Gallery

PT-2023-16975 · 10Web · The Photo Gallery

CVE-2023-1427

Identificadores relacionados

Produtos afetados

Referências · 6