Description
The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence.
Remediation
References
Related Vulnerabilities
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.4)
Oracle JRE CVE-2022-21305 Vulnerability (CVE-2022-21305)
OpenSSL Cryptographic Issues Vulnerability (CVE-2012-0884)
WordPress Plugin Portfolio Gallery-Image Gallery Cross-Site Request Forgery (1.1.2)
WordPress Plugin Malware Scanner Unspecified Vulnerability (4.7.3)