What the vulnerability does
01Description
Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress allows Path Traversal.This issue affects Pro Bulk Watermark Plugin for WordPress: from n/a through 2.0.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress allows Path Traversal.This issue affects Pro Bulk Watermark Plugin for WordPress: from n/a through 2.0.
Explanation of Vulnerability in Simple Terms
The Pro Bulk Watermark Plugin for WordPress versions up to 2.0 contains an information disclosure vulnerability. An authenticated user with low privileges can read sensitive data they should not have access to. The vulnerability requires network access but no user interaction. Site administrators should update the plugin to a version newer than 2.0 when available.
What an attacker can do
Read sensitive data accessible to low-privilege authenticated users.
Potential impact on your site
Sensitive information may be exposed to authenticated users with limited permissions.
Conditions required to exploit
Attacker must have a low-privilege WordPress user account; no user interaction required.
Key dates
External resources