← voltar
CVE-2023-1274

Pricing Tables For WPBakery Page Builder < 3.0 - Subscriber+ LFI

EPSS 0.9%
The Pricing Tables For WPBakery Page Builder (formerly Visual Composer) WordPress plugin before 3.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks
Produtos afetados
Unknown · Pricing Tables For WPBakery Page Builder (formerly Visual Composer)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://wpscan.com/vulnerability/267acb2c-1a95-487f-a714-516de05d2b2f