VYPR
Medium severity4.9NVD Advisory· Published Apr 17, 2023· Updated Jun 17, 2026

CVE-2023-1427

CVE-2023-1427

Description

  • The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images anywhere in the filesystem via a path traversal vector.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.