Arbitrary File Overwrite Vulnerability in WordPress Advanced Access Manager Plugin
CVE-2014-6059

7.2HIGH

Key Information:

Vendor
Wordpress
Status
Advanced Access Manager
Vendor
CVE Published:
13 January 2020

Summary

The Advanced Access Manager Plugin for WordPress prior to version 2.8.2 is susceptible to an arbitrary file overwrite vulnerability. This flaw allows an attacker to exploit the file handling capabilities of the plugin, enabling unauthorized file modifications on the server. If successfully exploited, it could result in significant implications for site integrity and security. It is crucial for users to update the plugin promptly to the latest version to safeguard their applications from potential threats. More details can be found in the related references on security databases.

References

http://packetstormsecurity.com/files/128137/WordPress-Adv...
x_refsource_MISC
http://www.securityfocus.com/bid/69549
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/95694
x_refsource_MISC

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.