Themes Vulnerabilities

mTheme Unus < 2.3 - Directory Traversal

Description

The mTheme-Unus WordPress theme was affected by a Directory Traversal security vulnerability.

Affects Themes

mTheme-Unus
Fixed in 2.3

References

CVE
CVE-2015-9406
URL
https://packetstormsecurity.com/files/#133778/

Classification

Type
TRAVERSAL
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
7.5 (high)

Miscellaneous

Verified
No
WPVDB ID
d54b6b63-f280-412e-8c8f-17186727ac36

Timeline

Publicly Published
2015-09-30 (about 10 years ago)
Added
2019-09-27 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2022-05-16
Title
User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal
Published
2024-01-03
Title
WP Compress < 6.10.34 - Unauthenticated Arbitrary File Read
Published
2021-12-01
Title
OMGF < 4.5.12 - Admin+ Arbitrary Folder Deletion via Path Traversal
Published
2022-10-14
Title
WP All Import < 3.6.9 - Admin+ Directory traversal via file upload
Published
2022-12-12
Title
Wholesale Market for WooCommerce < 2.0.0 - Admin+ Arbitrary Log Download