Back to search
CVE-2023-1427
Published: Apr 17, 2023
Modified: Feb 6, 2025
PUBLISHED
Description
- The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images anywhere in the filesystem via a path traversal vector.
| Vendor | Product | Versions |
|---|---|---|
Unknown | Photo Gallery by 10Web | affected 0 - < 1.8.15 |
References
https://wpscan.com/vulnerability/c8917ba2-4cb3-4b09-8a49-b7c612254946
exploit
vdb-entry
technical-description
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now