logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2023-2117

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2023-2117

Description:
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitize the dir parameter when handling the get_subdirs ajax action, allowing a high privileged users such as admins to inspect names of files and directories outside of the sites root.
Last updated date:
06/05/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
06/05/2023
Reference url to background

https://wpscan.com/vulnerability/44024299-ba40-4da7-81e1-bd44d10846f3

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy