VYPR

Correos Oficial

by WordPress

CVEs (1)

  • CVE-2023-0331HigFeb 27, 2023
    risk 0.49cvss 7.5epss 0.01

    The Correos Oficial WordPress plugin through 1.2.0.2 does not have an authorization check user input validation when generating a file path, allowing unauthenticated attackers to download arbitrary files from the server.