This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Wp-Rocket First view 2017-07-26
Product Wp-Rocket Last view 2017-07-26
Version 2.8.4 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software wordpress  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:wp-rocket:wp-rocket

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2017-07-26 CVE-2017-11658

In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion mitigation technique is to trim traversal characters (..) -- however, this is insufficient to stop remote attacks and can be bypassed by using 0x00 bytes, as demonstrated by a .%00.../.%00.../ attack.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...