{"id":"CVE-2023-2745","details":"WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.","aliases":["BIT-wordpress-2023-2745","BIT-wordpress-multisite-2023-2745"],"modified":"2026-04-02T08:52:57.090504Z","published":"2023-05-17T09:15:10.303Z","references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00024.html"},{"type":"WEB","url":"https://www.exploit-db.com/exploits/52274"},{"type":"ADVISORY","url":"https://wordpress.org/news/2023/05/wordpress-6-2-1-maintenance-security-release/"},{"type":"ADVISORY","url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/edcf46b6-368e-49c0-b2c3-99bf6e2d358f?source=cve"},{"type":"ADVISORY","url":"http://packetstormsecurity.com/files/172426/WordPress-Core-6.2-XSS-CSRF-Directory-Traversal.html"},{"type":"FIX","url":"https://core.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=55765%40%2F&new=55765%40%2F&sfp_email=&sfph_mail="}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/wordpress/wordpress","events":[{"introduced":"0"},{"fixed":"206b164e27d3db60ddf5c0b5562b9f92e4fc6fe6"},{"introduced":"87bf150016e042bc3e21f2f1cb9de44042b8cdb1"},{"fixed":"85ae754b8902916c967ccee1d8040e0fb51cdd8f"},{"introduced":"b57f3aa5f00a127f209eff74b78787dd3fd5ed4d"},{"fixed":"02242f4554cbdaa345b4545eb0adad7179f1663f"},{"introduced":"f6a29831c76d2dbe82e9ae673539f910654c58a4"},{"fixed":"2e33df0588ff16f2f932717eddd35804efb8bc85"},{"introduced":"e3aafee3f2bc07e09bf79389f20ea3db731466c3"},{"fixed":"c129defefef81abe776424ddf459f3b04b7338db"},{"introduced":"fe47e6139dbfc0f0c9ce0d79da77926b5fceaa77"},{"fixed":"c12fc446e7d264326cdd77b62d66f3b7ba99379d"},{"introduced":"14247ee4302378d292863865c643abe99bbfe3c7"},{"fixed":"eb5a504bda5fac38796af50725e7f923bc1ad02e"},{"introduced":"06fa4161aa74619239cf27017d124081c825684a"},{"fixed":"7e6cddf8dd03933e0f0f5b44b6c89bec3843e4c7"},{"introduced":"29ffbff370968ae48a1b7a34e35c8b8e75cf0f91"},{"fixed":"dde4da7b797c6f3184834075f3c472a530fe03dd"},{"introduced":"491c67be12ca8a9fe37ae38307ba7e298c976ec3"},{"fixed":"0cac57854d9be31fae947b1ac07e9a6075974264"},{"introduced":"c33464a4554cff8a082bc353d9226d8104b80d2b"},{"fixed":"e6664bb77aa10b2fde05fe5d9b0631d43656c7b6"},{"introduced":"6fe64752be3260f2a47f38e68c2cb77400e5a0c9"},{"fixed":"95b6583c2bca8bfbbc0067f938057c60b2578b58"},{"introduced":"50dc0ca5bb332c895f0f39fe4e6ee1e4a43e06dc"},{"fixed":"18a1be2684e0cbd8c7ebebecfb9ca29b13d7d607"},{"introduced":"9ff4499281663b0c772787fd4a60538288f842e9"},{"fixed":"64da002d598dda6b682cb595bb317008253695b8"},{"introduced":"537fd931bc02e6e934a2d774422b897871aa87ad"},{"fixed":"efb471e7258d930659983062c5759fcbcab01867"},{"introduced":"965fcddcf68cf4fd122ae24b992e242dfea1d773"},{"fixed":"2876d269e6e74858e82dac0bea7cd86ea5a870ec"},{"introduced":"058f9903676a7efaee534a682df0a2a8b87574d8"},{"fixed":"61abfb66115c809782419ab4d5f491a62e08e345"},{"introduced":"50caeb6e61ad0c49d2c7e1d6d5115047a011f590"},{"fixed":"61d5032484ddbbd548b45f293245b3dc0e791ceb"},{"introduced":"73157386d069425c5e6ea7c4fc0122e8a9b58a7b"},{"fixed":"21e34a51aa55a33ca92a24442744ba8c42bc1c48"},{"introduced":"cc101b64012b16d087780657a2b828ccd7794a63"},{"fixed":"527210254519f3f5792ac4a2297d57b981cbfd32"},{"introduced":"6c5d5b5dcb9712bfc400b09cb6627e42898527af"},{"fixed":"ece2b5f087bc93a3ee4047589652d8e4756f8f15"},{"introduced":"0"},{"last_affected":"17e2eff4aa3beb2802cbec12b6f08e2fbf69893d"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.1.38"},{"introduced":"4.2"},{"fixed":"4.2.35"},{"introduced":"4.3"},{"fixed":"4.3.31"},{"introduced":"4.4"},{"fixed":"4.4.30"},{"introduced":"4.5"},{"fixed":"4.5.29"},{"introduced":"4.6"},{"fixed":"4.6.26"},{"introduced":"4.7"},{"fixed":"4.7.26"},{"introduced":"4.8"},{"fixed":"4.8.22"},{"introduced":"4.9"},{"fixed":"4.9.23"},{"introduced":"5.0"},{"fixed":"5.0.19"},{"introduced":"5.1"},{"fixed":"5.1.16"},{"introduced":"5.2"},{"fixed":"5.2.18"},{"introduced":"5.3"},{"fixed":"5.3.15"},{"introduced":"5.4"},{"fixed":"5.4.13"},{"introduced":"5.5"},{"fixed":"5.5.12"},{"introduced":"5.6"},{"fixed":"5.6.11"},{"introduced":"5.7"},{"fixed":"5.7.9"},{"introduced":"5.8"},{"fixed":"5.8.7"},{"introduced":"5.9"},{"fixed":"5.9.6"},{"introduced":"6.0"},{"fixed":"6.0.4"},{"introduced":"6.1"},{"fixed":"6.1.2"},{"introduced":"0"},{"last_affected":"6.2"}]}}],"versions":["1.5","1.5.1","1.5.1.1","1.5.1.2","1.5.1.3","1.5.2","2.0","2.0.1","2.0.10","2.0.11","2.0.2","2.0.3","2.0.4","2.0.5","2.0.6","2.0.7","2.0.8","2.0.9","2.1","2.1.1","2.1.2","2.1.3","2.2","2.2.1","2.2.2","2.2.3","2.3","2.3.1","2.3.2","2.3.3","2.5","2.5.1","2.6","2.6.1","2.6.2","2.6.3","2.6.5","2.7","2.7.1","2.8","2.8.1","2.8.2","2.8.3","2.8.4","2.8.5","2.8.6","2.9","2.9.1","2.9.2","3.0","3.0.1","3.0.2","3.0.3","3.0.4","3.0.5","3.0.6","3.1","3.1.1","3.1.2","3.1.3","3.1.4","3.2","3.2.1","3.3","3.3.1","3.3.2","3.3.3","3.4","3.4.1","3.4.2","3.5","3.5.1","3.5.2","3.6","3.6.1","3.7","3.7.1","3.7.10","3.7.11","3.7.12","3.7.13","3.7.14","3.7.15","3.7.16","3.7.17","3.7.18","3.7.19","3.7.2","3.7.20","3.7.21","3.7.22","3.7.23","3.7.24","3.7.25","3.7.26","3.7.27","3.7.28","3.7.29","3.7.3","3.7.30","3.7.31","3.7.32","3.7.33","3.7.34","3.7.35","3.7.36","3.7.37","3.7.38","3.7.39","3.7.4","3.7.40","3.7.41","3.7.5","3.7.6","3.7.7","3.7.8","3.7.9","3.8","3.8.1","3.8.10","3.8.11","3.8.12","3.8.13","3.8.14","3.8.15","3.8.16","3.8.17","3.8.18","3.8.19","3.8.2","3.8.20","3.8.21","3.8.22","3.8.23","3.8.24","3.8.25","3.8.26","3.8.27","3.8.28","3.8.29","3.8.3","3.8.30","3.8.31","3.8.32","3.8.33","3.8.34","3.8.35","3.8.36","3.8.37","3.8.38","3.8.39","3.8.4","3.8.40","3.8.41","3.8.5","3.8.6","3.8.7","3.8.8","3.8.9","3.9","3.9.1","3.9.10","3.9.11","3.9.12","3.9.13","3.9.14","3.9.15","3.9.16","3.9.17","3.9.18","3.9.19","3.9.2","3.9.20","3.9.21","3.9.22","3.9.23","3.9.24","3.9.25","3.9.26","3.9.27","3.9.28","3.9.29","3.9.3","3.9.30","3.9.31","3.9.32","3.9.33","3.9.34","3.9.35","3.9.36","3.9.37","3.9.39","3.9.4","3.9.40","3.9.5","3.9.6","3.9.7","3.9.8","3.9.9","4.0","4.0.1","4.0.10","4.0.11","4.0.12","4.0.13","4.0.14","4.0.15","4.0.16","4.0.17","4.0.18","4.0.19","4.0.2","4.0.20","4.0.21","4.0.22","4.0.23","4.0.24","4.0.25","4.0.26","4.0.27","4.0.28","4.0.29","4.0.3","4.0.30","4.0.31","4.0.32","4.0.33","4.0.34","4.0.35","4.0.36","4.0.37","4.0.38","4.0.4","4.0.5","4.0.6","4.0.7","4.0.8","4.0.9","4.1","4.1.1","4.1.10","4.1.11","4.1.12","4.1.13","4.1.14","4.1.15","4.1.16","4.1.17","4.1.18","4.1.19","4.1.2","4.1.20","4.1.21","4.1.22","4.1.23","4.1.24","4.1.25","4.1.26","4.1.27","4.1.28","4.1.29","4.1.3","4.1.30","4.1.31","4.1.32","4.1.33","4.1.34","4.1.35","4.1.36","4.1.37","4.1.39","4.1.4","4.1.40","4.1.41","4.1.42","4.1.5","4.1.6","4.1.7","4.1.8","4.1.9","4.2","4.2.1","4.2.10","4.2.11","4.2.12","4.2.13","4.2.14","4.2.15","4.2.16","4.2.17","4.2.18","4.2.19","4.2.2","4.2.20","4.2.21","4.2.22","4.2.23","4.2.24","4.2.25","4.2.26","4.2.27","4.2.28","4.2.29","4.2.3","4.2.30","4.2.31","4.2.32","4.2.33","4.2.34","4.2.36","4.2.37","4.2.38","4.2.39","4.2.4","4.2.5","4.2.6","4.2.7","4.2.8","4.2.9","4.3","4.3.1","4.3.10","4.3.11","4.3.12","4.3.13","4.3.14","4.3.15","4.3.16","4.3.17","4.3.18","4.3.19","4.3.2","4.3.20","4.3.21","4.3.22","4.3.23","4.3.24","4.3.25","4.3.26","4.3.27","4.3.28","4.3.29","4.3.3","4.3.30","4.3.32","4.3.33","4.3.34","4.3.35","4.3.4","4.3.5","4.3.6","4.3.7","4.3.8","4.3.9","4.4","4.4.1","4.4.10","4.4.11","4.4.12","4.4.13","4.4.14","4.4.15","4.4.16","4.4.17","4.4.18","4.4.19","4.4.2","4.4.20","4.4.21","4.4.22","4.4.23","4.4.24","4.4.25","4.4.26","4.4.27","4.4.28","4.4.29","4.4.3","4.4.31","4.4.32","4.4.33","4.4.34","4.4.4","4.4.5","4.4.6","4.4.7","4.4.8","4.4.9","4.5","4.5.1","4.5.10","4.5.11","4.5.12","4.5.13","4.5.14","4.5.15","4.5.16","4.5.17","4.5.18","4.5.19","4.5.2","4.5.20","4.5.21","4.5.22","4.5.23","4.5.24","4.5.25","4.5.26","4.5.27","4.5.28","4.5.3","4.5.30","4.5.31","4.5.32","4.5.33","4.5.4","4.5.5","4.5.6","4.5.7","4.5.8","4.5.9","4.6","4.6.1","4.6.10","4.6.11","4.6.12","4.6.13","4.6.14","4.6.15","4.6.16","4.6.17","4.6.18","4.6.19","4.6.2","4.6.20","4.6.21","4.6.22","4.6.23","4.6.24","4.6.25","4.6.27","4.6.28","4.6.29","4.6.3","4.6.30","4.6.4","4.6.5","4.6.6","4.6.7","4.6.8","4.6.9","4.7","4.7.1","4.7.10","4.7.11","4.7.12","4.7.13","4.7.14","4.7.15","4.7.16","4.7.17","4.7.18","4.7.19","4.7.2","4.7.20","4.7.21","4.7.22","4.7.23","4.7.24","4.7.25","4.7.27","4.7.28","4.7.29","4.7.3","4.7.30","4.7.31","4.7.4","4.7.5","4.7.6","4.7.7","4.7.8","4.7.9","4.8","4.8.1","4.8.10","4.8.11","4.8.12","4.8.13","4.8.14","4.8.15","4.8.16","4.8.17","4.8.18","4.8.19","4.8.2","4.8.20","4.8.21","4.8.23","4.8.24","4.8.25","4.8.26","4.8.27","4.8.3","4.8.4","4.8.5","4.8.6","4.8.7","4.8.8","4.8.9","4.9","4.9.1","4.9.10","4.9.11","4.9.12","4.9.13","4.9.14","4.9.15","4.9.16","4.9.17","4.9.18","4.9.19","4.9.2","4.9.20","4.9.21","4.9.22","4.9.24","4.9.25","4.9.26","4.9.27","4.9.28","4.9.3","4.9.4","4.9.5","4.9.6","4.9.7","4.9.8","4.9.9","5.0","5.0.1","5.0.10","5.0.11","5.0.12","5.0.13","5.0.14","5.0.15","5.0.16","5.0.17","5.0.18","5.0.2","5.0.20","5.0.21","5.0.22","5.0.23","5.0.24","5.0.3","5.0.4","5.0.5","5.0.6","5.0.7","5.0.8","5.0.9","5.1","5.1.1","5.1.10","5.1.11","5.1.12","5.1.13","5.1.14","5.1.15","5.1.17","5.1.18","5.1.19","5.1.2","5.1.20","5.1.21","5.1.3","5.1.4","5.1.5","5.1.6","5.1.7","5.1.8","5.1.9","5.2","5.2.1","5.2.10","5.2.11","5.2.12","5.2.13","5.2.14","5.2.15","5.2.16","5.2.17","5.2.19","5.2.2","5.2.20","5.2.21","5.2.22","5.2.23","5.2.3","5.2.4","5.2.5","5.2.6","5.2.7","5.2.8","5.2.9","5.3","5.3.1","5.3.10","5.3.11","5.3.12","5.3.13","5.3.14","5.3.16","5.3.17","5.3.18","5.3.19","5.3.2","5.3.20","5.3.3","5.3.4","5.3.5","5.3.6","5.3.7","5.3.8","5.3.9","5.4","5.4.1","5.4.10","5.4.11","5.4.12","5.4.14","5.4.15","5.4.16","5.4.17","5.4.18","5.4.2","5.4.3","5.4.4","5.4.5","5.4.6","5.4.7","5.4.8","5.4.9","5.5","5.5.1","5.5.10","5.5.11","5.5.13","5.5.14","5.5.15","5.5.16","5.5.17","5.5.2","5.5.3","5.5.4","5.5.5","5.5.6","5.5.7","5.5.8","5.5.9","5.6","5.6.1","5.6.10","5.6.12","5.6.13","5.6.14","5.6.15","5.6.16","5.6.2","5.6.3","5.6.4","5.6.5","5.6.6","5.6.7","5.6.8","5.6.9","5.7","5.7.1","5.7.10","5.7.11","5.7.12","5.7.13","5.7.14","5.7.2","5.7.3","5.7.4","5.7.5","5.7.6","5.7.7","5.7.8","5.8","5.8.1","5.8.10","5.8.11","5.8.12","5.8.2","5.8.3","5.8.4","5.8.5","5.8.6","5.8.8","5.8.9","5.9","5.9.1","5.9.10","5.9.11","5.9.12","5.9.2","5.9.3","5.9.4","5.9.5","5.9.7","5.9.8","5.9.9","6.0","6.0.1","6.0.10","6.0.11","6.0.2","6.0.3","6.0.5","6.0.6","6.0.7","6.0.8","6.0.9","6.1","6.1.1","6.1.3","6.1.4","6.1.5","6.1.6","6.1.7","6.1.8","6.1.9","6.2","6.2.1","6.2.2","6.2.3","6.2.4","6.2.5","6.2.6","6.2.7","6.2.8","6.3","6.3.1","6.3.2","6.3.3","6.3.4","6.3.5","6.3.6","6.3.7","6.4","6.4.1","6.4.2","6.4.3","6.4.4","6.4.5","6.4.6","6.4.7","6.5","6.5.1","6.5.2","6.5.3","6.5.4","6.5.5","6.5.6","6.5.7","6.6","6.6.1","6.6.2","6.6.3","6.6.4","6.7","6.7.1","6.7.2","6.7.3","6.7.4","6.8","6.8.1","6.8.2","6.8.3","6.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-2745.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}]}