CVE-2022-0779 Information

Description

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its um_show_uploaded_file AJAX action which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads

Reference

https://wpscan.com/vulnerability/9d4a3f09-b011-4d87-ab63-332e505cf1cd