Lucene search
China National Vulnerability DatabaseCNVD-2021-102395HistoryDec 15, 2021 - 12:00 a.m.
WordPress Plugin Path Traversal Vulnerability (CNVD-2021-102395)
2021-12-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.025 Low
EPSS
Percentile
90.1%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress plugin has a path traversal vulnerability, which originates from the All-in-One Video Gallery WordPress plugin before 2.5.0 in the admin The failure to clean and validate the tab parameter before using it in the require statement of the panel leads to local file inclusion issues. No details of the vulnerability are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress all-in-one video gallery | lt | 2.5.0 |
Related
cvelist
cvelist
CVE-2021-24970 All-In-One-Gallery < 2.5.0 - Admin+ Local File Inclusion
2021-12-13 10:41:31
cve
cve
CVE-2021-24970
2021-12-13 11:15:09
wpexploit
wpexploit
All-In-One-Gallery < 2.5.0 - Admin+ Local File Inclusion
2021-11-15 00:00:00
prion
prion
Design/Logic Flaw
2021-12-13 11:15:00
wpvulndb
wpvulndb
All-In-One-Gallery < 2.5.0 - Admin+ Local File Inclusion
2021-11-15 00:00:00
patchstack
patchstack
nuclei
nuclei
WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion
2023-03-18 22:07:09
nvd
nvd
CVE-2021-24970
2021-12-13 11:15:09