CVE-2023-1478

Name of the Vulnerable Software and Affected Versions Hummingbird WordPress plugin versions prior to 3.4.2

Description The issue is related to a path traversal vulnerability in the page cache module of the Hummingbird WordPress plugin. This vulnerability occurs because the plugin does not validate the generated file path for page cache files before writing them.

Recommendations For versions prior to 3.4.2, update to version 3.4.2 or later to resolve the issue. As a temporary workaround, consider disabling the page cache module until a patch is available. Restrict access to the page cache files to minimize the risk of exploitation.