CVE-2025-15487

The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which...

CVE-2025-15487

The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which...

CVE-2025-15487

The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which...

CVE-2025-15487 Code Explorer <= 1.4.6 - Authenticated (Administrator+) Arbitrary File Read via 'file' Parameter

The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which...

EUVD-2025-206809

The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which...

CVE-2025-15487

CVE-2025-15487 affects the WordPress Code Explorer plugin up to version 1.4.6. The root cause is a path traversal flaw exploitable via the file parameter, allowing authenticated attackers with Administrator-level access to read arbitrary server files. Impact is exposure of sensitive information; ...

CVE-2025-15487 Code Explorer <= 1.4.6 - Authenticated (Administrator+) Arbitrary File Read via 'file' Parameter

The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which...

WordPress plugin Code Explorer 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

PT-2026-5888

Name of the Vulnerable Software and Affected Versions WordPress Code Explorer plugin versions through 1.4.6 Description The Code Explorer plugin for WordPress has a flaw that allows authorized users with Administrator-level access or higher to read arbitrary files on the server. This is possible...

WordPress Code Explorer plugin <= 1.4.6 - Authenticated (Administrator+) Arbitrary File Read via 'file' Parameter vulnerability

Authenticated Administrator+ Arbitrary File Read via 'file' Parameter vulnerability discovered by 0x34rth in WordPress Plugin Code Explorer versions = 1.4.6...

EUVD-2023-58099

Malicious code in bioql PyPI...

CVE-2023-5816

The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all versions up to, and including, 1.4.5. This is due to the fact that the plugin does not restrict accessing files to those outside of the WordPress instance, though the intention of the plugin is to only...

CVE-2023-5816

The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all versions up to, and including, 1.4.5. This is due to the fact that the plugin does not restrict accessing files to those outside of the WordPress instance, though the intention of the plugin is to only...

CVE-2023-5816

CVE-2023-5816 concerns the WordPress plugin Code Explorer (

WordPress plugin Code Explorer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Code Explorer plugin <= 1.4.5 - Authenticated (Admin+) External File Reading vulnerability

Authenticated Admin+ External File Reading vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Code Explorer versions = 1.4.5...

WordPress Code Explorer Plugin <= 1.4.5 is vulnerable to Directory Traversal

Software Code Explorer Type Plugin Vulnerable versions = 1.4.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Directory Traversal CVE CVE-2023-5816 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID 843977a32054 Credits Dmitrii Ignatyev Required privilege Administrato...