Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-3279

Disclosure Date: October 16, 2023 (last updated October 19, 2023)
The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0