[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3fZ3xNUNmr_o5j8dF1hH-QByfIYMPp6_xQKYFV1n1tM":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2023-1427","photo-gallery-by-10web-authenticated-administrator-directory-traversal","Photo Gallery by 10Web \u003C= 1.8.14 - Authenticated (Administrator+) Directory Traversal","The Photo Gallery plugin by 10Web for WordPress is vulnerable to Directory Traversal in versions up to, and including, 1.8.14 via the dir parameter. This allows authenticated attackers with administrator-level permissions to upload files to arbitrary directories on the server.","photo-gallery",null,"\u003C=1.8.14","1.8.15","medium",4.9,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:N\u002FI:H\u002FA:N","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","2023-03-21 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa0f55f3e-9a9a-42a7-91b5-0d515519d545?source=api-prod",308]