WordPress 4.4-4.8.1 - Path Traversal in Customizer
Description | A path traversal vulnerability was discovered in the customizer. Reported by Weston Ruter of the WordPress Security Team. |
Affects WordPresses
References
CVE | 2017-14722 |
URL | https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/ |
URL | https://core.trac.wordpress.org/changeset/41397 |
Classification
Type | LFI |
OWASP Top 10 | A1: Injection |
CWE | CWE-22 |
Miscellaneous
Submitter | ethicalhack3r |
Submitter Website | https://dewhurstsecurity.com/ |
Submitter Twitter | ethicalhack3r |
Views | 6382 |
Verified | No |
WPVDB ID | 8912 |
Timeline
Publicly Published | 2017-09-19 (about 2 years ago) |
Added | 2017-09-25 (about 2 years ago) |
Last Updated | 2019-11-01 (about 1 month ago) |
Our Other Services
Online WordPress Vulnerability Scanner | WPScan WordPress Security Plugin |