Lucene search
PRIOn knowledge basePRION:CVE-2020-36728HistoryJun 07, 2023 - 1:15 p.m.
Path traversal
2023-06-0713:15:00
PRIOn knowledge base
www.prio-n.com
4
adning advertising
wordpress
file deletion
path traversal
unauthenticated attackers
arbitrary files
full control
The Adning Advertising plugin for WordPress is vulnerable to file deletion via path traversal in versions up to, and including, 1.5.5. This allows unauthenticated attackers to delete arbitrary files which can be used to reset and gain full control of a site.
| CPE | Name | Operator | Version |
|---|---|---|---|
| adning_advertising | lt | 1.5.6 |
References
blog.nintechnet.com/critical-vulnerability-in-adning-advertising-plugin-actively-exploited-in-the-wild/
codecanyon.net/item/wp-pro-advertising-system-all-in-one-ad-manager/269693
www.wordfence.com/blog/2020/07/critical-vulnerabilities-patched-in-adning-advertising-plugin/
www.wordfence.com/threat-intel/vulnerabilities/id/e7506429-7f8a-45b5-b1b0-6fdb39599ee5?source=cve
Related
cvelist
cvelist
CVE-2020-36728
2023-06-07 12:43:13
cve
cve
CVE-2020-36728
2023-06-07 13:15:09
nvd
nvd
CVE-2020-36728
2023-06-07 13:15:09