[WordPress Correos Official Plugin](versions 1.3.0.0 and older) Vulnerability to Arbitrary File Download

Importance (CVSS3.0)

★★★★★★★★☆☆　8.6 / 10　 - High

Details

A vulnerability of arbitrary file download was discovered in WordPress Correos Official Plugin.

This vulnerability may allow malicious attackers to download arbitrary files from the website.

This vulnerability hasn’t been fixed yet.

Solutions

There’s no batched version available.

Source

CVE-2023-0331

Vulnerability details

We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.

“[WordPress Correos Official Plugin](versions 1.3.0.0 and older) Vulnerable to Arbitrary File Download”, by WS Security is licensed under CC BY 4.0.