Directory Traversal Vulnerability in GD Rating System Plugin by WordPress
CVE-2018-5291
7.5HIGH
What is CVE-2018-5291?
The GD Rating System plugin version 2.3 for WordPress is vulnerable to directory traversal attacks through the wp-admin/admin.php panel parameter for the gd-rating-system-tools page. This flaw could allow malicious users to access sensitive files on the server, posing a significant risk to the integrity and privacy of the web application. It is critical for users of this plugin to review their configurations and apply necessary patches or mitigations to secure their installations.