CVE-2020-12832

Sažetak

WordPress Plugin Simple File List before 4.2.8 is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input.

Reference

https://ctulhu.me/2020/05/16/cve-2020-12832/
https://plugins.trac.wordpress.org/changeset/2302759
https://wordpress.org/plugins/simple-file-list/#developers

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

21-05-2020 - 16:15

Objavljeno

13-05-2020 - 18:15