ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <=4.8.1 - Path traversal vulnerability (customizer)

Product
WordPress
Description
Path traversal vulnerability found by Weston Ruter of the WordPress Security Team in WordPress (customizer) version 4.8.1 and earlier versions.
Solution
Update the WordPress to the latest available version (at least 4.8.2).
Classification
Type Directory Traversal
References
WordPress 4.8.2 Security release page
CVE
Name CVE-N/A
Versions
Affected In <=4.8.1
Fixed In 4.8.2
Disclosure date
2017-09-19
Credits
Weston Ruter (WordPress Security Team)
Submitter
ThreatPress