CVE-2016-7169: Path Traversal in Wordpress

CWE-22 Path Traversal | 8 documents | 6 sources
Severity: 6.3 MEDIUM (NVD)
EPSS: 3.0% (top 13.38%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Jan 5
Latest update: May 17

Description

Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Exploitability: 2.8 | Impact: 3.4

Affected Packages (3 packages)

Debian (debian/wordpress): affected versions < 4.6.1+dfsg-1 (bookworm)
Debian (wordpress/wordpress): affected versions < 4.6.1+dfsg-1+3

Patches

Vulnerability Details (2)

GHSA: GHSA-g4q2-gc49-8q5w: Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader (2022-05-17)
OSV: CVE-2016-7169: Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader (2017-01-05)

Vendor Advisories (1)

Debian: CVE-2016-7169: wordpress - Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/... (2016)

Framework References (1)

ATT&CK: Exploit Public-Facing Application

Community (3)

Bugzilla: CVE-2016-7168 CVE-2016-7169 wordpress: two security issues fixed in 4.6.1 (2016-09-08)
Bugzilla: CVE-2016-7168 CVE-2016-7169 wordpress: two security issues fixed in 4.6.1 [epel-all] (2016-09-08)
Bugzilla: CVE-2016-7168 CVE-2016-7169 wordpress: two security issues fixed in 4.6.1 [fedora-all] (2016-09-08)
CVE-2016-7169 — Path Traversal in Debian Wordpress | cvebase