CVE-2018-18576

The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing via the views/admin/dashboard/ URI.
References
Link Resource
https://pastebin.com/ndDJT3d3 Third Party Advisory
https://wordpress.org/plugins/wordpress-popup/#developers Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:incsub:hustle:*:*:*:*:*:wordpress:*:*

Information

Published : 2020-03-17 08:15

Updated : 2020-03-19 12:05


NVD link : CVE-2018-18576

Mitre link : CVE-2018-18576


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

incsub

  • hustle