← back
CVE-2023-4922

WPB Show Core <= 2.2 - Unauthenticated Local File Inclusion

EPSS 15.7%
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 15.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
27 Nov 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The WPB Show Core WordPress plugin through 2.2 is vulnerable to a local file inclusion via the `path` parameter.
Affected products
Unknown · wpb-show-core

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://wpscan.com/vulnerability/968d87c0-af60-45ea-b34e-8551313cc8df