CyberSec.Space Logo
返回 CVE 浏览器

CVE-2016-10977

MEDIUM
6.5
CVSS Severity Score
EPSS Score0.1710%
EPSS Percentile9.34th
Published2019年9月17日
Last Modified2024年11月21日

Vulnerability Description

The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal.

Affected Platforms (CPE)

📦
Neliosoftware

Nelio Ab Testing

< 4.5.0

References & Advisories

🔗 https://wordpress.org/plugins/nelio-ab-testing/#developers
🔗 https://wpvulndb.com/vulnerabilities/8491
🔗 https://www.openwall.com/lists/oss-security/2016/05/10/1
🔗 https://wordpress.org/plugins/nelio-ab-testing/#developers
🔗 https://wpvulndb.com/vulnerabilities/8491
🔗 https://www.openwall.com/lists/oss-security/2016/05/10/1

相关漏洞威胁

CVE-2016-1092610.0

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php.

CVE-2016-1092710.0

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php.

CVE-2017-185478.8

The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms.

CVE-2016-198510.0

HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java ...