Descrição
The WPMasterToolKit (WPMTK) – All in one plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with Administrator-level access and above, to read and modify the contents of arbitrary files on the server, which can contain sensitive information.
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2025-3300
Tags
Nâo informado
Data de publicação
24/04/2025
Última atualização
25/04/2025
Pontuação em CVSS 3.0
7.2
Alto