Lucene search

K
patchstackRandom RobbiePATCHSTACK:5428EB23715377A424E8A376A77BD9EA
HistoryMar 24, 2020 - 12:00 a.m.

WordPress Post PDF Export plugin <= 1.0.1 - Unauthenticated Local File Inclusion (LFI) vulnerability

2020-03-2400:00:00
Random Robbie
patchstack.com
18

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

74.7%

Unauthenticated Local File Inclusion (LFI) vulnerability discovered by Random Robbie in WordPress Post PDF Export plugin (versions <= 1.0.1).

Solution

           Plugin closed. Deactivate and delete.
CPENameOperatorVersion
post pdf exportle1.0.1

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

74.7%