3 matches found
CVE-2023-3813
CVE-2023-3813 affects Jupiter X Core for WordPress. Versions up to and including 2.5.0 are vulnerable to unauthenticated arbitrary file downloads from the server, potentially exposing sensitive contents. The vulnerability is related to Jupiter X Core’s handling of file access and is described as ...
CVE-2023-3813 Jupiter X Core <= 4.6.6 - Unauthenticated Arbitrary File Download
The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file downloads in versions up to, and including, 4.6.6. This makes it possible for unauthenticated attackers to download the contents of arbitrary files on the server, which can contain sensitive information. The requires the...
WordPress JupiterX Core Plugin <= 4.6.6 is vulnerable to Arbitrary File Download
Software JupiterX Core Type Plugin Vulnerable versions = 4.6.6 Fixed in 4.6.9 OWASP Top 10 A3: Injection Classification Arbitrary File Download CVE CVE-2023-3813 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 89a622a39c6e Credits István Márton Required privilege...