daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update and rename vulnerabilities/wordpress/wpvivid-backup-lfi.yaml to cves/2022/CVE-2022-2863.yaml

patch-1
Prince Chaddha 2022-10-28 19:19:23 +05:30 committed by GitHub
parent e321a7c34f
commit 1929404320
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
vulnerabilities/wordpress/wpvivid-backup-lfi.yaml → cves/2022/CVE-2022-2863.yaml
View File

@ -1,9 +1,9 @@
id: wpvivid-backup-lfi
id: CVE-2022-2863
info:
name: WordPress WPvivid Backup < 0.9.76 - Local File Inclusion
author: tehtbl
severity: high
severity: medium
description: The plugin does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack.
remediation: Upgrade to version 0.9.76 or later.
reference:
@ -16,7 +16,7 @@ info:
cvss-score: 7.2
cwe-id: CWE-22
cve-id: CVE-2022-2863
tags: lfi,wp,wordpress,wp-plugin,authenticated,wpscan,cve,cve2022
tags: cve,cve2022,lfi,wp,wordpress,wp-plugin,authenticated,wpscan
requests:
- raw: