WPvivid Backup < 0.9.76 - Admin+ Arbitrary File Read
CVE-2022-2863
4.9MEDIUM
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 16 September 2022
What is CVE-2022-2863?
The Migration, Backup, Staging WordPress plugin before 0.9.76 does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack
Affected Version(s)
Migration, Backup, Staging – WPvivid 0.9.76