[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCn31v5aMJabw6_24Pf6kR7Iz3j9Ac2ijz-IUCj0Om3Y":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2023-5672","wp-mail-log-authenticated-contributor-arbitrary-file-read","WP Mail Log \u003C= 1.1.2 - Authenticated (Contributor+) Arbitrary File Read","The WP Mail Log plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.1.2 via the includeAttachment parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to include and read arbitrary files on the server.","wp-mail-log",null,"\u003C=1.1.2","1.1.3","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","2023-11-28 00:00:00","2024-02-06 15:50:00",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa3d14d8f-61f4-4942-9eff-42264bb036bb?source=api-prod",71]