CVE-2023-2688

EPSS 1.74%
Veröffentlicht 09.06.2023 06:16:11
Zuletzt bearbeitet 08.04.2026 19:18:17
Quelle security@wordfence.com
CVE-Watchlists
Login
Unerledigt
Login

WordPress File Upload / WordPress File Upload Pro <= 4.19.1 - Authenticated (Administrator+) Path Traversal

The WordPress File Upload and WordPress File Upload Pro plugins for WordPress are vulnerable to Path Traversal in versions up to, and including, 4.19.1 via the vulnerable parameter wfu_newpath. This allows administrator-level attackers to move files uploaded with the plugin (located in wp-content/uploads by default) outside of the web root.

Mögliche Gegenmaßnahme

WordPress File Upload Pro: Update to version 4.19.2, or a newer patched version

Iptanus File Upload: Update to version 4.19.2, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 2 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Iptanus ≫ Wordpress File Upload SwPlatformwordpress Version <= 4.19.1

Iptanus ≫ Wordpress File Upload Pro SwPlatformwordpress Version <= 4.19.1

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt WordPress File Upload Pro

Version *-4.19.1

SystemWordPress Plugin

≫

Produkt Iptanus File Upload

Version *-4.19.1

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.74%	0.747

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.9	1.2	3.6	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
security@wordfence.com	4.9	1.2	3.6	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2915978%40wp-file-upload%2Ftrunk&old=2909107%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail=#file2

Patch

https://www.wordfence.com/threat-intel/vulnerabilities/id/abd6eeac-0a7e-4762-809f-593cd85f303d?source=cve

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/abd6eeac-0a7e-4762-809f-593cd85f303d

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-2688

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-2688

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-2688

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-2688