Unrated severityNVD Advisory· Published Jul 11, 2014· Updated May 6, 2026

CVE-2014-4937

Description

Directory traversal vulnerability in includes/bookx_export.php BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

Affected products

Bookx Plugin Project/Bookx
cpe:2.3:a:bookx_plugin_project:bookx:1.7:*:*:*:*:wordpress:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

codevigilant.com/disclosure/wp-plugin-bookx-local-file-inclusion/nvdExploit

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000