Filtered by vendor Brooks24
Subscriptions
Filtered by product Admin-word-count-column
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-50953 | 2 Brooks24, Wordpress | 2 Admin-word-count-column, Wordpress | 2026-06-09 | 6.2 Medium |
| WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing directory traversal sequences and null bytes to bypass file restrictions and read sensitive files like system configuration. | ||||
Page 1 of 1.