Vulnerability Details CVE-2020-24143
Directory traversal in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker get access to files that are stored outside the web root folder via the njt-tk-download-video parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-24143
-
cpe:2.3:a:ninjateam:video_downloader_for_tiktok:1.3