HIGH🇬🇧 English

CVE-2023-6947

CVSS 7.7v3.1pub. 2024-12-10upd. 2025-02-24

The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.26. This makes it possible for authenticated attackers, with contributor level or higher to read the contents of arbitrary folders on the server, which can contain sensitive information such as folder structure.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
  • Fooplugins Foogallery

    APP
    Fooplugins
    < 2.4.27
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Path Traversal
CWE
Referencje

Powiązane podatności

CVE-2023-44244HIGH7.1ten sam produkt

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.44 versions.

CVE-2023-29439HIGH7.1ten sam produkt

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.35 versions.

CVE-2025-6068MEDIUM6.4ten sam produkt

The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is...

CVE-2024-12114MEDIUM4.3ten sam produkt

The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is...

CVE-2024-12119MEDIUM6.4ten sam produkt

The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is...

CVE-2023-6947 — HIGH 7.7 | CVEbaza.pl