CVE-2019-15330
The CVE concerns the WordPress plugin WebP Express (before version 0.14.11). It has insufficient protection against arbitrary file reading, enabling potential information disclosure. Affected component: webp-express plugin for WordPress; vulnerability arises from inadequate access controls around...