This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Detail | |||
---|---|---|---|
Vendor | Wp-Rocket | First view | 2017-07-26 |
Product | Wp-Rocket | Last view | 2017-07-26 |
Version | 2.8.4 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | wordpress | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:wp-rocket:wp-rocket |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2017-07-26 | CVE-2017-11658 | In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion mitigation technique is to trim traversal characters (..) -- however, this is insufficient to stop remote attacks and can be bypassed by using 0x00 bytes, as demonstrated by a .%00.../.%00.../ attack. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |