1 results (0.003 seconds)

CVSS: 7.5EPSS: 90%CPEs: 19EXPL: 1

Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to libs/pdf.php. Vulnerabilidad de salto de directorio en el plugin Google Doc Embedder anterior a 2.5.4 para WordPress permite a atacantes remotos leer archivos arbitrarios a través de un .. (punto punto) en el parámetro file en libs/pdf.php. • https://www.exploit-db.com/exploits/23970 http://osvdb.org/88891 http://secunia.com/advisories/50832 http://www.securityfocus.com/bid/57133 https://exchange.xforce.ibmcloud.com/vulnerabilities/80930 http://web.archive.org/web/20130119141940/http://secunia.com/advisories/50832 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •