Intrusion PreventionWordPress.HTTP.Path.Traversal
Description
This indicates an attack attempt to exploit a Directory Traversal vulnerability in WordPress.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. Successful attacks may allow a remote attacker to view arbitrary local files within the context of the application, crash the affected application or deny services to legitimate users.
Affected Products
Any vulnerable WordPress version or Plugins
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply patch if available from the vendor's website.
https://en-ca.wordpress.org/download/
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-06-08 | 18.094 | Sig Added |
| 2020-04-30 | 15.831 | Sig Added |
| 2019-06-06 | 14.627 | Severity:high:critical |
| 2018-12-05 | 13.503 | Default_action:pass:drop |
| 2018-11-29 | 13.500 | Sig Added |
| 2018-11-16 | 13.492 | Sig Added |
| 2018-11-14 | 13.490 |
References
45438| ID | 46976 |
| Created | Nov 13, 2018 |
| Updated | Jun 07, 2021 |
| Risk |
|
| CVE ID | CVE-2020-11738 CVE-2019-9618 CVE-2018-16283 CVE-2018-16299 CVE-2022-4101 |
| Known Exploited | Yes |
| Exploit Prediction Score | 97.23% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, BSD, Solaris, MacOS |
| Affected App | PHP_app |