The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion, and allowing an attacker to leak the contents of arbitrary files.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2023-12-26T18:33:09.420Z
Updated: 2024-08-02T08:07:32.489Z
Reserved: 2023-10-20T00:25:27.900Z
Link: CVE-2023-5672
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-26T19:15:07.937
Modified: 2024-01-04T17:08:45.617
Link: CVE-2023-5672
Redhat
No data.