Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
WordPress Plugin Insert or Embed Articulate Content into WordPress Directory Traversal (4.2999) - Vulnerability Database

WordPress Plugin Insert or Embed Articulate Content into WordPress Directory Traversal (4.2999)

Description

WordPress Plugin Insert or Embed Articulate Content into WordPress is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Insert or Embed Articulate Content into WordPress version 4.2999 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 4.29991 or latest

References

https://www.cybersecurity-help.cz/vdb/SB2019070301
https://plugins.svn.wordpress.org/insert-or-embed-articulate-content-into-wordpress/trunk/readme.txt

Related Vulnerabilities

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Directory Traversal (1.7.14.2) High
Common tags: Missing Update Directory Traversal
WordPress Plugin DB Backup Directory Traversal (4.5) High
Common tags: Missing Update Directory Traversal
Joomla! Core Directory Traversal (2.5.0 - 3.9.20) High
Common tags: Missing Update Directory Traversal
WordPress Plugin MW WP Form Directory Traversal (4.4.2) High
Common tags: Missing Update Directory Traversal
WordPress Plugin Snow Monkey Forms Directory Traversal (5.1.1) High
Common tags: Missing Update Directory Traversal

Severity

High

Classification

CVE-2019-15648
CWE-22
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Missing Update
Directory Traversal