{
"vulnerabilities":[
{
"id":7976,
"product_id":2175,
"title":"WordPress File Upload plugin <= 4.16.2 - Contributor+ Path Traversal vulnerability leading to Remote Code Execution (RCE)",
"description":"Contributor+ Path Traversal vulnerability leading to Remote Code Execution (RCE) discovered by apple502j in WordPress File Upload plugin (versions <= 4.16.2).",
"disclosure_date":"2022-03-01 00:00:00",
"disclosed_at":"2022-03-01T00:00:00+00:00",
"created_at":"2022-03-07T11:17:05+00:00",
"url":"wordpress-file-upload-plugin-4-16-2-contributor-path-traversal-vulnerability-leading-to-remote-code-execution-rce",
"product_slug":"wp-file-upload",
"product_name":"WordPress File Upload",
"product_name_premium":null,
"product_type":"Plugin",
"vuln_type":"Directory Traversal",
"cvss_score":8.8,
"cve":[
"2021-24962"
],
"affected_in":"<= 4.16.2",
"fixed_in":"4.16.3",
"patched_in_ranges":[
],
"direct_url":"https://patchstack.com/database/vulnerability/wp-file-upload/wordpress-file-upload-plugin-4-16-2-contributor-path-traversal-vulnerability-leading-to-remote-code-execution-rce"
},
{
"id":7957,
"product_id":3808,
"title":"WordPress All in One Invite Codes plugin <= 1.0.12 - Sensitive Information Disclosure vulnerability",
"description":"Sensitive Information Disclosure vulnerability discovered in WordPress All in One Invite Codes plugin (versions <= 1.0.12).",
"disclosure_date":"2022-02-28 00:00:00",
"disclosed_at":"2022-02-28T00:00:00+00:00",
"created_at":"2022-03-03T13:25:05+00:00",
"url":"wordpress-all-in-one-invite-codes-plugin-1012-sensitive-information-disclosure-vulnerability",
"product_slug":"all-in-one-invite-codes",
"product_name":"All in One Invite Codes",
"product_name_premium":null,
"product_type":"Plugin",
"vuln_type":"Information Disclosure",
"is_exploited":true,
"cvss_score":4.3,
"cve":[
],
"affected_in":"<= 1.0.12",
"fixed_in":"",
"patched_in_ranges":[
],
"direct_url":"https://patchstack.com/database/vulnerability/all-in-one-invite-codes/wordpress-all-in-one-invite-codes-plugin-1012-sensitive-information-disclosure-vulnerability"
}
]
}