Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-68541
HistoryJan 05, 2022 - 12:00 a.m.

WordPress plugin CAOS|Host Google Fonts Locally path traversal vulnerability

2022-01-0500:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
wordpress
php
mysql
path traversal
vulnerability
cache directory
unityengineinstalling plugin.

EPSS

0.001

Percentile

25.9%

JSON

WordPress is a set of blogging platform developed using PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.A path traversal vulnerability exists in the WordPress plugin CAOS|Host Google Fonts Locally. The vulnerability stems from the program not validating the cache directory settings. An attacker could use the path traversal vector and delete arbitrary folders when uninstalling the plugin.

Related

nvd 1
wpexploit 1
prion 1
cve 1
cvelist 1
patchstack 1
wpvulndb 1
nvd
nvd
CVE-2021-25020
2022-01-03 13:15:08
wpexploit
wpexploit
CAOS < 4.1.9 - Admin+ Arbitrary Folder Deletion via Path Traversal
2021-12-01 00:00:00
prion
prion
Path traversal
2022-01-03 13:15:00
cve
cve
CVE-2021-25020
2022-01-03 13:15:08
cvelist
cvelist
CVE-2021-25020 CAOS < 4.1.9 - Admin+ Arbitrary Folder Deletion via Path Traversal
2022-01-03 12:49:13
patchstack
patchstack
WordPress CAOS | Host Google Analytics Locally plugin <= 4.1.8 - Arbitrary Folder Deletion via Path Traversal vulnerability
2021-12-01 00:00:00
wpvulndb
wpvulndb
CAOS < 4.1.9 - Admin+ Arbitrary Folder Deletion via Path Traversal
2021-12-01 00:00:00

EPSS

0.001

Percentile

25.9%

JSON
Related for CNVD-2022-68541
nvd1wpexploit1prion1cve1cvelist1patchstack1wpvulndb1