Vulnerability in Advanced File Manager Shortcodes plugin for WordPress allows reads of arbitrary files on the server
CVE-2023-7062
8.8HIGH
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 10 July 2024
What is CVE-2023-7062?
The Advanced File Manager Shortcodes plugin for WordPress is susceptible to a directory traversal vulnerability that affects all versions up to and including 2.4. This flaw allows attackers with contributor-level permissions or higher to traverse the directory structure, potentially gaining unauthorized access to sensitive files stored on the server. Such access can expose critical information, compromising both user data and system integrity.
Affected Version(s)
Advanced File Manager Shortcodes * <= 2.4