cbcvebase.
CVE-2023-2252
published 2024-01-16

CVE-2023-2252: The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files.

PriorityP417low2.7CVSS 3.1
AVNACLPRHUINSUCLINAN
EXPLOIT
EPSS
1.31%
67.1th percentile
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files.

Affected

1 ranges
VendorProductVersion rangeFixed in
wpwaxdirectorist< 7.5.47.5.4
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.