CVE-2018-5290
The CVE-2018-5290 entry concerns WordPress GD Rating System plugin version 2.3, which suffers a directory traversal vulnerability in the gd-rating-system-transfer path via wp-admin/admin.php. This allows reading arbitrary files on the server (CNVD/OpenVAS details; CVSSv3 base 7.5, high). Patch st...