PT-2018-15398 · WordPress · Jsmol2Wp
Published 2018-12-25 · Updated 2019-01-09 · CVE-2018-20463
| CVSS v3.1 | 7.5 (High) |
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
JSmol2WP plugin version 1.07
Description
An issue in the JSmol2WP plugin allows arbitrary file read via directory traversal. The query parameter of the jsmol.php query string accepts a php://filter/resource= wrapper, and a resource path containing ../ directory traversal is passed through to the filesystem. The same parameter can also be used for Server-Side Request Forgery (SSRF).
Recommendations
For JSmol2WP plugin version 1.07, consider restricting access to the jsmol.php file until a patch is available. As a temporary workaround, avoid using the query parameter in the jsmol.php query string to minimize the risk of exploitation.
Exploit
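The following is an added detection example, not code from the advisory or the plugin: it scans web-server access-log lines for jsmol.php requests whose `query` parameter carries a PHP stream wrapper or `../` traversal, the pattern described above, decoding repeatedly so double-encoded values are caught. The plugin path under /wp-content/plugins/ and all log lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (not from the advisory): lines 1-2
# carry the php://filter + ../ pattern (line 2 double-encoded); line 3 is benign.
SAMPLE_LOG = """\
203.0.113.5 - - [25/Dec/2018:10:00:01 +0000] "GET /wp-content/plugins/jsmol2wp/jsmol.php?query=php://filter/resource=../../../constructed-target.txt HTTP/1.1" 200 3181
203.0.113.5 - - [25/Dec/2018:10:00:02 +0000] "GET /wp-content/plugins/jsmol2wp/jsmol.php?query=php%3A%2F%2Ffilter%2Fresource%3D..%252F..%252Fconstructed-target.txt HTTP/1.1" 200 3181
198.51.100.7 - - [25/Dec/2018:10:00:03 +0000] "GET /wp-content/plugins/jsmol2wp/jsmol.php?query=https://files.example.org/1crn.pdb HTTP/1.1" 200 5123
"""

REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
WRAPPER_RE = re.compile(r'^\s*(php|file|phar|data|glob|expect)://', re.IGNORECASE)
TRAVERSAL_RE = re.compile(r'\.\.[/\\]')

def decode_fully(value, rounds=3):
    """URL-decode repeatedly so double-encoded ../ (..%252F) is still caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_query(value):
    """Return the findings for one value of the jsmol.php `query` parameter."""
    v = decode_fully(value)
    findings = []
    if WRAPPER_RE.match(v):
        findings.append("php-stream-wrapper")
    if TRAVERSAL_RE.search(v):
        findings.append("path-traversal")
    return findings

def scan_log(text):
    """Return (client_ip, findings) for each jsmol.php request with a suspicious query value."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        if not url.path.endswith("/jsmol.php"):
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get("query", []):
            findings = classify_query(value)
            if findings:
                hits.append((line.split()[0], findings))
    return hits
```

Feeding the web server's real access log to `scan_log` gives a quick list of source addresses to investigate while jsmol.php remains restricted.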
Fix
Path traversal
Weakness Enumeration
Related Identifiers
Affected Products
Jsmol2Wp