Themes Vulnerabilities

mTheme Unus < 2.3 - Directory Traversal

Description

The mTheme-Unus WordPress theme was affected by a Directory Traversal security vulnerability.

Affects Themes

mTheme-Unus
Fixed in 2.3

References

CVE
CVE-2015-9406
URL
https://packetstormsecurity.com/files/#133778/

Classification

Type
TRAVERSAL
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
7.5 (high)

Miscellaneous

Verified
No
WPVDB ID
d54b6b63-f280-412e-8c8f-17186727ac36

Timeline

Publicly Published
2015-09-30 (about 8 years ago)
Added
2019-09-27 (about 4 years ago)
Last Updated
2020-09-22 (about 3 years ago)

Other

Published
Title
Published
2022-10-28
Title
Ultimate Member < 2.5.1 - Contributor+ LFI via Traversal
Published
2021-01-15
Title
Simple Job Board < 2.9.4 - Authenticated Path Traversal Leading to Arbitrary File Download
Published
2023-05-16
Title
WP < 6.2.1 - Directory Traversal via Translation Files
Published
2022-10-20
Title
Welcart eCommerce < 2.7.8 - Unauthenticated Arbitrary File Access
Published
2022-09-19
Title
Contact Form by WPForms < 1.7.5.5 - Admin+ Arbitrary File Access