Description
The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.
Remediation
References
Related Vulnerabilities
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-3384)
Craft CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14280)
WordPress Plugin Backup Migration Arbitrary File Download (1.3.6)
WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Cross-Site Scripting (2.30)