What the vulnerability does
01Description
Path Traversal vulnerability in WHMPress WHMpress allows Relative Path Traversal. This issue affects WHMpress: from 6.2 through revision.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Path Traversal vulnerability in WHMPress WHMpress allows Relative Path Traversal. This issue affects WHMpress: from 6.2 through revision.
Explanation of Vulnerability in Simple Terms
WHMpress versions 6.2 and later contain a vulnerability allowing authenticated users with low privileges to read sensitive data, modify site content, or disrupt service. The vulnerability requires network access and specific conditions to exploit. Site administrators should update to a version newer than the affected range as soon as a patch becomes available.
What an attacker can do
Read sensitive data, modify site content, or cause service disruption.
Potential impact on your site
Authenticated users can access confidential information, alter pages/posts, or crash the site.
Conditions required to exploit
Attacker must have low-level user account; no user interaction required.
Key dates
External resources