CVE-2020-24143
Description
Directory traversal in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker get access to files that are stored outside the web root folder.
Vulnerability Type
Directory Traversal
Vendor of Product
Ninja Team
Affected Product Code Base
Wordpress Plugin - Video Downloader for TikTok - 1.3
Attack Type
Remote
Impact Information Disclosure
true
Reference
- http://ninja.com
- http://wordpress.com
- https://github.com/secwx/research/blob/main/cve/CVE-2020-24143.md
Has vendor confirmed or acknowledged the vulnerability?
true
Discoverer
Suzhou Aurora Infinity Information Technology Co., Ltd.