Vulnerabilities

CVE-2021-25004

by Fred · 07/02/2022

The SEUR Oficial WordPress plugin before 1.7.2 creates a PHP file with a random name when installed, even though it is used for support purposes, it allows to download any file from the web server without restriction after knowing the URL and a password than an administrator can see in the plugin settings page.

Date published : 2022-02-07

https://wpscan.com/vulnerability/cfbc2b43-b8f8-4bcb-a3d3-39d217afa530

Similar

Tags: Cybersecurity Alert