ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP Cost Estimation plugin < 9.660 - Upload Directory Traversal vulnerability

Product
WP Cost Estimation & Payment Forms Builder
Description
Upload Directory Traversal vulnerability found by Wordfence in WordPress WP Cost Estimation plugin (versions < 9.660).
Solution
All versions older than version 9.660 are vulnerable, update to the latest version (at least 9.660).
Classification
Type Directory Traversal
OWASP Top 10 A4: Insecure Direct Object References
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In < 9.660
Fixed In 9.660
Disclosure date
2019-02-14
Credits
Wordfence
Submitter
ThreatPress