CVE-2014-4941
Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0044 (0.4%)
Percentil: 63.3%
EPSS: 2026-05-06
Afecta
cross-rss_plugin_project:wp-cross-rssDescripción técnica
Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php.
Publicada: 11/7/2014, 20:55:03
Última modificación: 6/5/2026, 22:30:45