Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
JupiterX Theme <= 2.0.6 and Jupiter Theme <= 6.10.1 - Authenticated Path Traversal and Local File Inclusion
Vulnerability Description
Vulnerable versions of the Jupiter (<= 6.10.1) and JupiterX (<= 2.0.6) Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File inclusion. In the JupiterX theme, the jupiterx_cp_load_pane_action AJAX action present in the lib/admin/control-panel/control-panel.php file calls the load_control_panel_pane function. It is possible to use this action to include any local PHP file via the slug parameter. The Jupiter theme has a nearly identical vulnerability which can be exploited via the mka_cp_load_pane_action AJAX action present in the framework/admin/control-panel/logic/functions.php file, which calls the mka_cp_load_pane_action function.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
JupiterX Theme 路径遍历漏洞
Vulnerability Description
WordPress等都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。WordPress plugin是一个应用插件。JupiterX Core等都是的产品。JupiterX Core是一款Wordpress高级视图插件。 JupiterX Theme 2.0.6及之前版本 和 Jupiter Theme 6.10.1及之前版本 存在路径遍历漏洞,该漏洞源于Jupiter 和 JupiterX 主题的易受攻击版本允许登录用户(包括订阅者级用户)执行路径遍历和本地文件
CVSS Information
N/A
Vulnerability Type
N/A