CVE-2015-7683
CVE-2015-7683 concerns the Font WordPress plugin (version 7.5) with an absolute path traversal vulnerability. The flaw arises from an unsanitized POST parameter named url being passed to file_get_contents via AjaxProxy.php, allowing authenticated WordPress admins to read arbitrary files (e.g., /e...