File Away 漏洞列表
共找到 3 个与 File Away 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2025-2539: File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read POC
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthenticated attackers, leveraging the use of a reversible weak algorithm, to read the contents of arbitrary files on the server, which can contain sensitive information. -
CVE-2025-2539: File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read POC
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthenticated attackers, leveraging the use of a reversible weak algorithm, to read the contents of arbitrary files on the server, which can contain sensitive information. -
Wordpress 插件 File Away /wp-admin/admin-ajax.php 文件读取漏洞(CVE-2025-2539) 无POC
File Away是一个易于使用且超级可定制的前端表单。File Away <= 3.9.9.0.1版本存在任意文件读取漏洞,攻击者获取系统敏感文件。