The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion, and allowing an attacker to leak the contents of arbitrary files.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/7c1dff5b-bed3-49f8-96cc-1bc9abe78749 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-12-26T18:33:09.420Z
Updated: 2023-12-26T18:33:09.420Z
Reserved: 2023-10-20T00:25:27.900Z
Link: CVE-2023-5672
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-26T19:15:07.937
Modified: 2024-01-04T17:08:45.617
Link: CVE-2023-5672
JSON object: View
Redhat Information
No data.
CWE