WordPress Plugin Vulnerabilities

Fast Velocity Minify < 2.7.7 - Full Path Disclosure

Description

The Fast Velocity Minify WordPress plugin was affected by a Full Path Disclosure security vulnerability.

Affects Plugins

Plugin icon
fast-velocity-minify
Fixed in 2.7.7

References

CVE
CVE-2019-19983
URL
https://www.wordfence.com/blog/2019/10/medium-severity-vulnerability-patched-in-fast-velocity-minify-plugin/

Classification

Type
FPD
OWASP top 10
A6: Security Misconfiguration
CWE
CWE-209
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Wordfence
Verified
No
WPVDB ID
70eb2496-8aaa-4128-b8d6-25eb78f7ab2e

Timeline

Publicly Published
2019-10-16 (about 6 years ago)
Added
2019-10-16 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2014-08-01
Title
JS MultiHotel 2.2.1 - includes/timthumb.php src Parameter Direct Request Path Disclosure
Published
2013-04-24
Title
Photocrati Theme - Full Path Disclosure
Published
2014-08-01
Title
Meta Slider 2.1.6 - Multiple Full Path Disclosure
Published
2013-06-21
Title
Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure
Published
2014-08-01
Title
Shotzz - Full Path Disclosure