WordPress.Admin.API.plugin.Directory.Traversal
Description
This indicates an attack attempt against a Directory Traversal vulnerability in WordPress
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application while handling maliciously crafted requests to Admin API. A remote attacker can exploit this to perform a denial of service attack on the service target via multiple crafted requests.
Affected Products
WordPress Project WordPress prior to 4.6
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the latest patch from the vendor.
https://core.trac.wordpress.org/ticket/37490
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-10-13 | 18.177 | Sig Added |
2019-06-10 | 14.629 | Severity:medium:high |