The RVM WordPress plugin before 6.4.2 lacks proper authorisation and CSRF checks, and does not validate the rvm_upload_regions_file_path parameter of the rvm_import_regions AJAX action. Any authenticated user, such as a subscriber, can therefore read arbitrary files on the web server.
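The three missing controls named above (capability check, nonce check, path validation) are independent, and fixing only one of them leaves the file read reachable. The sketch below is an added illustration, not the RVM plugin's source and not the vendor's patch: it shows the generic vulnerable wp_ajax handler pattern the advisory describes next to a hardened version. The hook and parameter names come from the advisory; the function names, the `nonce` request field, the `manage_options` capability and the `rvm/` subdirectory of the uploads folder are assumptions made for the example.

```php
<?php
// Added example, not the plugin's code. Placeholders: rvm_import_regions_*,
// the 'nonce' POST field, the manage_options capability and the rvm/ directory.

// --- Vulnerable pattern (the shape the advisory describes) ---------------------
// Left unregistered on purpose; shown only for comparison.
function rvm_import_regions_vulnerable() {
    // wp_ajax_* hooks fire for ANY logged-in user, subscribers included,
    // so the handler itself has to decide who may call it. This one does not.
    $path = $_POST['rvm_upload_regions_file_path'];   // no validation at all
    $data = file_get_contents( $path );               // e.g. wp-config.php or /etc/passwd
    wp_send_json_success( array( 'regions' => $data ) );
}

// --- Hardened pattern -------------------------------------------------------------
add_action( 'wp_ajax_rvm_import_regions', 'rvm_import_regions_hardened' );

function rvm_import_regions_hardened() {
    // 1. CSRF: require a nonce bound to this action (dies on failure).
    check_ajax_referer( 'rvm_import_regions', 'nonce' );

    // 2. Authorisation: a nonce proves intent, not privilege. Importing map
    //    data is an administrative task, so demand a capability subscribers lack.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // 3. Path validation: accept only a file name, never a path, and only
    //    inside the plugin's own upload directory. realpath() resolves ../ and
    //    symlinks, so the prefix check below is done on the real location.
    $base      = wp_normalize_path( trailingslashit( wp_upload_dir()['basedir'] ) . 'rvm/' );
    $requested = isset( $_POST['rvm_upload_regions_file_path'] )
        ? wp_unslash( $_POST['rvm_upload_regions_file_path'] )
        : '';
    $real = realpath( $base . basename( $requested ) );
    if ( false === $real || 0 !== strpos( wp_normalize_path( $real ), $base ) ) {
        wp_send_json_error( 'invalid file', 400 );
    }

    $data = file_get_contents( $real );
    wp_send_json_success( array( 'regions' => $data ) );
}
```

When auditing a plugin for this class of bug, check each of the three controls separately: `check_ajax_referer()` alone is not a fix, because any page that renders the nonce for a logged-in user hands it to a subscriber as well, and a capability check alone still lets an administrator be tricked into reading a file via CSRF. The path check must compare the resolved path against the intended directory; a plain `strpos()` on the raw request value is bypassable with `../` sequences.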
[
  {
    "product": "RVM – Responsive Vector Maps",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "6.4.2",
        "status": "affected",
        "version": "6.4.2",
        "versionType": "custom"
      }
    ]
  }
]