CVE-2023-3813

Name of the Vulnerable Software and Affected Versions Jupiter X Core plugin for WordPress versions up to, and including, 2.5.0

Description The issue allows unauthenticated attackers to download the contents of arbitrary files on the server, which can contain sensitive information. This requires the premium version of the plugin to be activated.

Recommendations For versions up to, and including, 2.5.0, update to a version later than 2.5.0 to resolve the issue. As a temporary workaround, consider disabling the premium version of the plugin until a patch is available. Restrict access to sensitive files on the server to minimize the risk of exploitation.