cve/CVE-2022-2863.md at f1f1f9a798d36fa0748d135c6fe5299cdbcc69fb

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-06-01 11:10:36 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The Migration, Backup, Staging WordPress plugin before 0.9.76 does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack

POC

Reference

http://packetstormsecurity.com/files/168616/WordPress-WPvivid-Backup-Path-Traversal.html
https://wpscan.com/vulnerability/cb6a3304-2166-47a0-a011-4dcacaa133e5

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/ARPSyndicate/kenzer-templates
https://github.com/incogbyte/incogbyte
https://github.com/rodnt/rodnt
https://github.com/unp4ck/unp4ck

1.1 KiB Raw Blame History

CVE-2022-2863

Description

POC

Reference

Github

1.1 KiB

Raw Blame History