Lucene search
WPScanCVELIST:CVE-2023-1427HistoryApr 17, 2023 - 12:17 p.m.
CVE-2023-1427 Photo Gallery by 10Web < 1.8.15 - Admin+ Path Traversal
2023-04-1712:17:41
WPScan
www.cve.org
photo gallery
10web
cve-2023-1427
path traversal
wordpress
plugin
file upload
0.001 Low
EPSS
Percentile
23.6%
- The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images anywhere in the filesystem via a path traversal vector.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Photo Gallery by 10Web",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "1.8.15"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
wpvulndb
wpvulndb
Photo Gallery by 10Web < 1.8.15 - Admin+ Path Traversal
2023-03-27 00:00:00
prion
prion
Path traversal
2023-04-17 13:15:00
cve
cve
CVE-2023-1427
2023-04-17 13:15:38
openvas
openvas
WordPress Photo Gallery Plugin < 1.8.15 Path Traversal Vulnerability
2023-04-18 00:00:00
wpexploit
wpexploit
Photo Gallery by 10Web < 1.8.15 - Admin+ Path Traversal
2023-03-27 00:00:00
nvd
nvd
CVE-2023-1427
2023-04-17 13:15:38