CVE-2012-0896

Currently unrated

Key Information:

Vendor: Wordpress
Status: Count Per Day
Vendor: CVE Published:; 20 January 2012

Summary

Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.

References

http://wordpress.org/extend/plugins/count-per-day/changelog/

x_refsource_CONFIRM

http://www.exploit-db.com/exploits/18355

exploitx_refsource_EXPLOIT-DB

http://osvdb.org/78270

vdb-entryx_refsource_OSVDB

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 20, 2012
Vulnerability Reserved
Jan 20, 2012