4 matches found
CVE-2021-25021
The OMGF | Host Google Fonts Locally WordPress plugin before 4.5.12 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin...
CVE-2021-25021
creationtimestamp| type| source ---|---|--- 2022-01-03 16:43:56+00:00| seen| https://t.me/cibsecurity/34846...
CVE-2021-25021
The vulnerability CVE-2021-25021 affects the WordPress plugin OMGF | Host Google Fonts Locally (versions before 4.5.12). The root cause is unvalidated cache directory settings allowing path traversal by high-privilege users, enabling deletion of arbitrary folders during uninstall. Impacts include...
CVE-2021-25021 OMGF < 4.5.12 - Admin+ Arbitrary Folder Deletion via Path Traversal
The OMGF | Host Google Fonts Locally WordPress plugin before 4.5.12 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin...