CVE-2018-21007
The CVE-2018-21007 entry affects the WordPress plugin woo-confirmation-email before version 3.2.0 . The vulnerability is an authorization flaw: the plugin does not block direct access to supportive files/folders inside the WordPress uploads directory, exposing potentially sensitive uploaded conte...