CVE-2017-18586

CWE-22Path Traversal3 documents3 sources
Severity
9.1CRITICAL
EPSS
0.5%
top 33.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Insert Pages Project Insert Pages
Timeline
PublishedAug 22
Latest updateMay 24

Description

The insert-pages plugin before 3.2.4 for WordPress has directory traversal via custom template paths.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-p8wq-rx2x-qqhw: The insert-pages plugin before 32022-05-24
CVEList
CVE-2017-18586: The insert-pages plugin before 32019-08-22
CVE-2017-18586 (CRITICAL CVSS 9.1) | The insert-pages plugin before 3.2. | cvebase.io