CVE-2022-4031

The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions...

CVE-2022-4031

The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions...

Design/Logic Flaw

The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions...

CVE-2022-4031

The CVE-2022-4031 entry concerns the Simple:Press WordPress plugin (versions up to and including 6.8) and describes an arbitrary file modification vulnerability via the file parameter, where an attacker with high privileges (e.g., admin) can supply filesystem paths to modify files outside the int...

CVE-2022-4031 Simple:Press <= 6.8 - Authenticated (Admin+) Path Traversal to Arbitrary File Modification

The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions...

CVE-2022-4031 Simple:Press <= 6.8 - Authenticated (Admin+) Path Traversal to Arbitrary File Modification

The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions...

PT-2022-25342 · WordPress · Simple:Press

Name of the Vulnerable Software and Affected Versions: Simple:Press plugin for WordPress versions up to, and including, 6.8 Description: The issue allows for arbitrary file modifications via the file parameter, which does not properly restrict files to be edited in the context of the plugin. This...

Mandriva Linux Security Advisory : python-numpy (MDVSA-2015:077)

Updated python-numpy packages fix security vulnerabilities : f2py insecurely used a temporary file. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running f2py CVE-2014-1858, CVE-2014-1859. %NASLMINLEVEL 70300 C Tenable...