Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Unauthenticated network-reachable path traversal (AV:N/AC:L/PR:N/UI:N) yielding arbitrary file read, so C:H with no integrity or availability impact and unchanged scope.
Primary rating from Vendor (Wordfence).
CVSS VectorVendor: Wordfence
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
The Jssor Slider by jssor.com plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.1.24 via the 'url' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
AnalysisAI
Arbitrary file disclosure in the Jssor Slider by jssor.com WordPress plugin (all versions through 3.1.24) lets unauthenticated remote attackers traverse the filesystem via the 'url' parameter and read the contents of any file the web server can access, such as wp-config.php. Wordfence disclosed the flaw and points to the plugin's admin controller code; no public exploit is identified at time of analysis and it is not listed in CISA KEV. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | No special conditions - remote unauthenticated exploitation against default configurations of the Jssor Slider WordPress plugin (versions ≤3.1.24), reachable over the network with no authentication and no user interaction (AV:N/AC:L/PR:N/UI:N). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, base 7.5) describes a cleanly exploitable, network-reachable, unauthenticated read primitive with no user interaction - high confidentiality impact and no integrity or availability impact, which is consistent with a file-read directory traversal. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An unauthenticated attacker sends a single crafted HTTP request to the plugin's endpoint with a 'url' parameter set to a traversal sequence like '../../../../wp-config.php', and the server returns the file's contents, exposing database credentials and WordPress secret keys. With low attack complexity and no authentication or user interaction required, this is trivially scriptable and can be run at scale against many WordPress sites; no public POC is identified in the provided data. |
| Remediation | No vendor-released patch identified at time of analysis - all versions through 3.1.24 are listed as vulnerable and no fixed version is provided, so upgrading is not yet a confirmed option; monitor the Wordfence advisory (https://www.wordfence.com/threat-intel/vulnerabilities/id/0cd880c9-75fe-420b-ae41-558678adb57b?source=cve) and the plugin page for a release above 3.1.24. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all WordPress installations running Jssor Slider plugin versions ≤3.1.24, immediately deactivate the plugin on all affected systems, and document affected installations for remediation tracking. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42159
GHSA-j9c4-4mg9-mwfh