6.7 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.9%
Directory traversal vulnerability in the zing_forum_output function in forum.php in the Zingiri Forum (aka Forums) plugin before 1.4.4 for WordPress allows remote attackers to read arbitrary files via a … (dot dot) in the url parameter to index.php.
osvdb.org/89069
secunia.com/advisories/50833
wordpress.org/plugins/zingiri-forum/changelog
exchange.xforce.ibmcloud.com/vulnerabilities/81156