Description
WordPress is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input data. Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks. WordPress versions ranging from 3.7 and up to (and including) 5.0.3 are vulnerable.
Remediation
Edit the source code to ensure that input is properly verified, or apply a fix when available
References
Related Vulnerabilities
Apache Traffic Server Integer Overflow or Wraparound Vulnerability (CVE-2018-9481)
WordPress Plugin wpcu3er 'ajaxReq.php' Arbitrary File Upload (0.55)
MySQL CVE-2020-14804 Vulnerability (CVE-2020-14804)
MySQL CVE-2024-21204 Vulnerability (CVE-2024-21204)
Oracle Database Server CVE-2010-0902 Vulnerability (CVE-2010-0902)