5 matches found
CVE-2023-46784
CVE-2023-46784 affects WordPress ICS Calendar plugin
CVE-2023-46784 WordPress ICS Calendar plugin <= 10.12.0.3 - SSRF and Arbitrary File Read vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Server-Side Request Forgery SSRF vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal, : Server Side Request Forgery.This issue affects ICS Calendar: from n/a through...
CVE-2023-46784 WordPress ICS Calendar plugin <= 10.12.0.3 - SSRF and Arbitrary File Read vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Server-Side Request Forgery SSRF vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal, : Server Side Request Forgery.This issue affects ICS Calendar: from n/a through...
WordPress ICS Calendar Plugin <= 10.12.0.3 is vulnerable to Arbitrary File Download
Software ICS Calendar Type Plugin Vulnerable versions = 10.12.0.3 Fixed in 10.12.0.4 OWASP Top 10 A4: Insecure Design Classification Arbitrary File Download CVE CVE-2023-46784 Patch priority Medium CVSS severity Medium 8.2 Developer Claim ownership PSID 662755066f6f Credits Muhammad Daffa Require...
CVE-2023-5755
CVE-2023-5755 is a duplicate of CVE-2023-46784 and adds no new technical details. The flaw affects the WordPress ICS Calendar plugin (ics-calendar) prior to version 10.12.0.3, caused by improper limitation of a pathname, enabling Path Traversal and SSRF. The connected CVE-2023-46784 entry confirm...