3 matches found
CVE-2020-36728
creationtimestamp| type| source ---|---|--- 2025-05-30 10:39:34+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-36728.yaml 2025-05-31 21:02:19+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lqingbyzwk2u 2026-01-05...
CVE-2020-36728
The Adning Advertising plugin for WordPress is vulnerable to file deletion via path traversal in versions up to, and including, 1.5.5. This allows unauthenticated attackers to delete arbitrary files which can be used to reset and gain full control of a site...
CVE-2020-36728
CVE-2020-36728 concerns the WordPress Adning Advertising plugin. Public docs consistently describe unauthenticated path traversal that can delete arbitrary files (up to version 1.5.5, with some sources indicating issues up to 1.5.5 or 1.5.6). Nuclei templates also flag an arbitrary file upload vu...