Vulnerability Details CVE-2014-4941
Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.5%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2014-4941
-
cpe:2.3:a:cross-rss_plugin_project:wp-cross-rss:1.7