cbcvebase.
CVE-2012-0896
published 2012-01-20

CVE-2012-0896: Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files…

PriorityP343medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
25.22%
97.7th percentile
Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.

Affected

6 ranges
VendorProductVersion rangeFixed in
count_per_day_projectcount_per_day
count_per_day_projectcount_per_day
count_per_day_projectcount_per_day
count_per_day_projectcount_per_day
tom_braidercount_per_day<= 3.1
tom_braidercount_per_day
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.