CVE-2023-7062 - The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to Directory Traversal in al

CVE-2023-7062

Summary

The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4. This makes it possible for attackers with contributor access or higher to read the contents of arbitrary files on the server, which can contain sensitive information.

References

https://www.wordfence.com/threat-intel/vulnerabilities/id/8bf009f5-cf9e-4d38-9679-d3abb5817d30?source=cve
https://advancedfilemanager.com/product/file-manager-advanced-shortcode-wordpress/

Vulnerable Configurations

CVSS

Base:	None
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

11-07-2024 - 13:05

Published

10-07-2024 - 02:15

Last modified

11-07-2024 - 13:05