Vulnerabilities > CVE-2022-2557 - Unspecified vulnerability in Radiustheme Team - Wordpress Team Members Showcase

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
radiustheme

Summary

The Team WordPress plugin before 4.1.2 contains a file which could allow any authenticated users to download arbitrary files from the server via a path traversal vector. Furthermore, the file will also be deleted after its content is returned to the user

Vulnerable Configurations

Part Description Count
Application
Radiustheme
43