Update and rename vulnerabilities/wordpress/wpvivid-backup-lfi.yaml to cves/2022/CVE-2022-2863.yaml
parent
e321a7c34f
commit
1929404320
|
@ -1,9 +1,9 @@
|
|||
id: wpvivid-backup-lfi
|
||||
id: CVE-2022-2863
|
||||
|
||||
info:
|
||||
name: WordPress WPvivid Backup < 0.9.76 - Local File Inclusion
|
||||
author: tehtbl
|
||||
severity: high
|
||||
severity: medium
|
||||
description: The plugin does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack.
|
||||
remediation: Upgrade to version 0.9.76 or later.
|
||||
reference:
|
||||
|
@ -16,7 +16,7 @@ info:
|
|||
cvss-score: 7.2
|
||||
cwe-id: CWE-22
|
||||
cve-id: CVE-2022-2863
|
||||
tags: lfi,wp,wordpress,wp-plugin,authenticated,wpscan,cve,cve2022
|
||||
tags: cve,cve2022,lfi,wp,wordpress,wp-plugin,authenticated,wpscan
|
||||
|
||||
requests:
|
||||
- raw:
|
Loading…
Reference in New Issue