Lucene search
N/APATCHSTACK:958614964662C58A3B7B9BDB5AA229B7HistoryOct 02, 2015 - 12:00 a.m.
WordPress Font Plugin <= 7.5.0 - Absolute Path Traversal
2015-10-0200:00:00
N/A
patchstack.com
5
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
This vulnerability allows the administrators to read arbitrary files via a full pathname in the “URL” parameter to AjaxProxy.php.
Solution
Update the plugin.
Related
packetstorm
packetstorm
WordPress Font 7.5 Path Traversal
2015-10-12 00:00:00
cvelist
cvelist
CVE-2015-7683
2015-10-16 20:00:00
zdt
zdt
WordPress Font 7.5 Path Traversal Vulnerability
2015-10-13 00:00:00
wpvulndb
wpvulndb
Font <= 7.5 - Authenticated Path Traversal
2015-10-12 00:00:00
cve
cve
CVE-2015-7683
2015-10-16 20:59:00
prion
prion
Path traversal
2015-10-16 20:59:00
securityvulns
securityvulns
CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin
2015-10-26 00:00:00
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
Related for PATCHSTACK:958614964662C58A3B7B9BDB5AA229B7