ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <=4.8.1 - Path traversal vulnerability (file unzipping code)

Product
WordPress
Description
Path traversal vulnerability found by Alex Chapman (noxrnet) in WordPress (file unzipping code) version 4.8.1 and earlier versions.
Solution
Update the WordPress to the latest available version (at least 4.8.2).
Classification
Type Directory Traversal
References
WordPress 4.8.2 Security release page
CVE
Name CVE-N/A
Versions
Affected In <=4.8.1
Fixed In 4.8.2
Disclosure date
2017-09-19
Credits
Alex Chapman (noxrnet)
Submitter
ThreatPress