[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_kMKzA3Wkerl_f6LvfSNt9U7-9loZRX-LQVOojDPQmk":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-8bd04a52-ed59-4305-831e-646ab5801d36-wps-cleaner","wps-cleaner-arbitrary-media-file-disclosure","WPS Cleaner \u003C= 1.4.4 - Arbitrary Media File Disclosure","The WPS Cleaner plugin for WordPress is vulnerable to Arbitrary Media File Disclosure in versions up to, and including, 1.4.4 via the 'files' parameter found in the '\u002Fclasses\u002Fplugin.php' file. This makes it possible for unauthenticated attackers to retrieve any media file from the site by passing the appropriate ID to the files parameter. These may contain sensitive information.","wps-cleaner",null,"\u003C=1.4.4","1.4.5","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Authorization Bypass Through User-Controlled Key","2019-07-23 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8bd04a52-ed59-4305-831e-646ab5801d36?source=api-prod",1645]