The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-about page.
References
Link | Resource |
---|---|
https://github.com/d4wner/Vulnerabilities-Report/blob/master/gd-rating-system.md | Exploit Third Party Advisory |
https://wordpress.org/support/topic/xss-lfi-bugs-at-the-latest-version-of-gd-rating-system/ | Broken Link |
https://wpvulndb.com/vulnerabilities/8995 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2018-01-08 07:29
Updated : 2024-02-04 19:29
NVD link : CVE-2018-5287
Mitre link : CVE-2018-5287
CVE.ORG link : CVE-2018-5287
JSON object : View
Products Affected
gd_rating_system_project
- gd_rating_system
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')