Insecure File Storage Vulnerability in SP Project & Document Manager WordPress Plugin

Insecure File Storage Vulnerability in SP Project & Document Manager WordPress Plugin

CVE-2022-1551 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

The SP Project & Document Manager WordPress plugin before 4.58 uses an easily guessable path to store user files, bad actors could use that to access other users' sensitive files.

Learn more about our Wordpress Pen Testing.