3 matches found
WordPress Hummingbird Plugin < 3.4.2 is vulnerable to Path Traversal
Software Hummingbird Type Plugin Vulnerable versions 3.4.2 Fixed in 3.4.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Path Traversal CVE CVE-2023-1478 Patch priority High CVSS severity High 8.6 Developer WPMU DEV PSID 237afa7a6db1 Credits Karol Mazurek AFINE Required privilege...
CVE-2023-1478 Hummingbird < 3.4.2 - Unauthenticated Path Traversal
The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module...
CVE-2023-1478
CVE-2023-1478 affects the WordPress plugin Hummingbird (pre-3.4.2). The issue is that the plugin does not validate the generated file path for page cache files before writing, causing a path traversal vulnerability in the page cache module. Reported impact in CVSS terms is high (CRITICAL) with un...