Untriaged
Permalink
CVE-2025-30596
6.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): NONE
- Availability impact (A): NONE
WordPress include-file <= 1 - Arbitrary File Download Vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound include-file allows Path Traversal. This issue affects include-file: from n/a through 1.
References
Affected products
include-file
- =<1
Matching in nixpkgs
pkgs.haskellPackages.include-file
Inclusion of files in executables at compile-time
-
nixos-unstable -
- nixpkgs-unstable 0.1.0.4