CVE-2023-0331
- Reference to the description:
- Description:
- The Correos Oficial WordPress plugin through 1.2.0.2 does not have an authorization check user input validation when generating a file path, allowing unauthenticated attackers to download arbitrary files from the server.
- Last updated date:
- 03/04/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 03/04/2023
- Reference url to background
https://wpscan.com/vulnerability/1b4dbaf3-1364-4103-9a7b-b5a1355c685b