CVE Details: CVE-2023-2252

Description

The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files.

Published Date: 2024-01-16
Last Modified Date: 2024-01-23
Severity: LOW
CVSS v3 Score: 2.7
CWE ID: CWE-22
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: NONE

Back to CVE List