Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mardi 6 avril 2021

Theme Editor Plugin up to 2.5 on WordPress /etc/passwd download_file file access

A vulnerability classified as problematic was found in Theme Editor Plugin up to 2.5 on WordPress (WordPress Plugin). This vulnerability affects the function download_file of the file /etc/passwd. Upgrading to version 2.6 eliminates this vulnerability.

Lien vers l'article source

Auteur: VulDB

Catégories: VulDBNombre de vues: 17

x

Événements SSI