Simple File List < 4.2.8 - Authenticated Arbitrary File Deletion

Affects Plugin

fixed in version 4.2.8

References

CVE 2020-12832
URL https://ctulhu.me/2020/05/16/cve-2020-12832/

Classification

Type TRAVERSAL
OWASP Top 10 A1: Injection
CWE CWE-22

Miscellaneous

Original Researcher Christian Angel
Views 716
Verified No
WPVDB ID 10250

Timeline

Publicly Published 2020-05-16 (about 2 months ago)
Added 2020-06-03 (about 1 month ago)
Last Updated 2020-06-04 (about 1 month ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin