Directory Traversal Vulnerabilities in Tera Charts Plugin for WordPress
CVE-2014-4940

Currently unrated

Key Information:

Vendor

Wordpress
Status
Tera-charts
Vendor
CVE Published:
11 July 2014

What is CVE-2014-4940?

The Tera Charts plugin for WordPress version 0.1 has multiple directory traversal vulnerabilities that can lead to unauthorized file access. By manipulating the 'fn' parameter in requests made to 'charts/treemap.php' or 'charts/zoomabletreemap.php', attackers can perform directory traversal techniques to read arbitrary files on the server. This vulnerability allows the exposure of sensitive information stored on the system, making it crucial for users to apply the necessary updates and mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://codevigilant.com/disclosure/wp-plugin-tera-chart-l...
x_refsource_MISC
https://plugins.trac.wordpress.org/changeset?sfp_email=&s...
x_refsource_CONFIRM

EPSS Score

49% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.