What the vulnerability does
01Description
Path Traversal: '.../...//' vulnerability in Fernando Briano List category posts list-category-posts allows PHP Local File Inclusion.This issue affects List category posts: from n/a through <= 0.91.0.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Path Traversal: '.../...//' vulnerability in Fernando Briano List category posts list-category-posts allows PHP Local File Inclusion.This issue affects List category posts: from n/a through <= 0.91.0.
Explanation of Vulnerability in Simple Terms
List category posts version 0.91.0 and earlier contains a vulnerability allowing authenticated users with low privileges to read sensitive data, modify site content, or disrupt service. The vulnerability requires network access and high attack complexity. Users should update to a version newer than 0.91.0 when available.
What an attacker can do
Read sensitive data, modify content, or disrupt the site's availability.
Potential impact on your site
Authenticated users can access restricted data, alter posts/pages, or cause downtime.
Conditions required to exploit
Attacker must be authenticated with low-level user privileges and have network access.
Key dates
External resources
Related vulnerabilities