- The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images anywhere in the filesystem via a path traversal vector.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-04-17T12:17:41.603Z

Updated: 2024-08-02T05:49:11.507Z

Reserved: 2023-03-16T10:39:16.489Z

Link: CVE-2023-1427

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-04-17T13:15:38.440

Modified: 2024-11-21T07:39:10.030

Link: CVE-2023-1427

cve-icon Redhat

No data.