Description qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI. Remediation References CVE-2023-45855 Related Vulnerabilities WordPress Plugin FV Flowplayer Video Player SQL Injection (7.5.46.7212) Twisted Web HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-21716) MySQL CVE-2020-14765 Vulnerability (CVE-2020-14765) Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-1691) WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Information Disclosure (3.4.7) Severity High Classification CVE-2023-45855 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Tags Missing Update Known Vulnerabilities