Artbees: >> Jupiterx >> 2.0.7 Security Vulnerabilities
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in artbees JupiterX allows PHP Local File Inclusion.This issue affects JupiterX: from n/a through 3.0.0.
CVSS Score
7.6
EPSS Score
0.006
Published
2024-05-17
Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the "abb_uninstall_template" (both) and "jupiterx_core_cp_uninstall_template" (JupiterX Core Only) AJAX actions
CVSS Score
8.8
EPSS Score
0.004
Published
2022-06-13