Path Traversal Vulnerability in Adifier System
CVE-2023-49753

7.5HIGH

Key Information:

Vendor: WordPress
Status: Adifier System
Vendor: CVE Published:; 17 May 2024

Summary

A Path Traversal vulnerability has been identified in the Adifier System developed by SpoonThemes, which enables local PHP file inclusion. This vulnerability stems from improper limitations on pathname access, potentially allowing unauthorized access to sensitive file resources on the server. It impacts all versions prior to 3.1.4, emphasizing the critical need for users of the Adifier System to upgrade their installations to mitigate any associated security risks.

Affected Version(s)

Adifier System < 3.1.4

References

https://patchstack.com/database/vulnerability/adifier-sys...

vdb-entry

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 17, 2024
Vulnerability Reserved
Nov 30, 2023

Credit

FearZzZz (Patchstack Alliance)