The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. This allows unauthenticated attackers to read any file on the server, including sensitive files such as wp-config.php

Hacktoria


Hacktoria creates CTF Games for OSINT and Digital Forensics enthusiasts. Overlaying fictional events and organizations over our real world, we create immersive games that make learning fun.

Listed: