The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2022-09-26T12:35:35
Updated: 2022-09-26T12:35:35
Reserved: 2022-08-22T00:00:00
Link: CVE-2022-2926
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-26T13:15:10.577
Modified: 2022-09-28T16:30:47.050
Link: CVE-2022-2926
JSON object: View
Redhat Information
No data.
CWE