CVE-2015-7683

🗓️ 16 Oct 2015 20:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov👁 85 Views🌐 WEB

CVE-2015-7683 Absolute path traversal vulnerability in Font.php in the Font plugin before 7.5.1 for WordPres

Reporter	Title	Published	Views	Family All 11
0day.today	WordPress Font 7.5 Path Traversal Vulnerability	13 Oct 201500:00	–	zdt
CNVD	WordPress Font plugin path traversal vulnerability	13 Oct 201500:00	–	cnvd
Cvelist	CVE-2015-7683	16 Oct 201520:00	–	cvelist
EUVD	EUVD-2015-7585	7 Oct 202500:30	–	euvd
NVD	CVE-2015-7683	16 Oct 201520:59	–	nvd
Packet Storm	WordPress Font 7.5 Path Traversal	12 Oct 201500:00	–	packetstorm
Patchstack	WordPress Font Plugin <= 7.5.0 - Absolute Path Traversal	2 Oct 201500:00	–	patchstack
Prion	Path traversal	16 Oct 201520:59	–	prion
securityvulns	CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin	26 Oct 201500:00	–	securityvulns
securityvulns	Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)	26 Oct 201500:00	–	securityvulns

NVD

Node

font_project fontRange≤7.5wordpress

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/133930/WordPress-Font-7.5-Path-Traversal.html
wordpress	www.wordpress.org/plugins/font/changelog/
wpvulndb	www.wpvulndb.com/vulnerabilities/8214
securityfocus	www.securityfocus.com/archive/1/536670/100/0/threaded

Parameter	Position	Path	Description	CWE
url	request body	/wordpress/wp-content/plugins/font/AjaxProxy.php	Absolute path traversal via POST parameter 'url' processed by Font AjaxProxy.php	CWE-22

06 May 2026 22:30Current

6.8Medium risk

Vulners AI Score6.8

CVSS 24

EPSS0.00272