Absolute Path Traversal Vulnerability in Font Plugin for WordPress

Absolute Path Traversal Vulnerability in Font Plugin for WordPress

CVE-2015-7683 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Absolute path traversal vulnerability in Font.php in the Font plugin before 7.5.1 for WordPress allows remote administrators to read arbitrary files via a full pathname in the url parameter to AjaxProxy.php.

Learn more about our Wordpress Pen Testing.