Description
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a path traversal vulnerability. Successful exploitation could lead to sensitive information disclosure.
Remediation
References
Related Vulnerabilities
WordPress Plugin LiveChat-WP live chat Cross-Site Scripting (3.7.3)
WordPress Plugin WP Symposium Multiple Vulnerabilities (14.10)
WordPress Plugin Wordpress Picture/Portfolio/Media Gallery Server-Side Request Forgery (3.0.1)
WordPress Plugin Mass Delete Unused Tags Cross-Site Request Forgery (2.0.0)